Security Advisory

CVE-2020-12429

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-28 19:02:46

Last updated 2024-08-04 11:56:51

Assigner mitre

State PUBLISHED

Description

Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php, index.php, and pincode-verification.php.

← Browse all CVEs View on cve.org ↗