Summary
Course Registration Management System is prone to multiple input- validation vulnerabilities, including:
1. Multiple cross-site scripting vulnerabilities
2. An SQL-injection vulnerability
3. A local file-include vulnerability
Exploiting these issues could allow an attacker to execute arbitrary script code and PHP code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Course Registration Management System 2.1 is vulnerable other
versions may also be affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe ColdFusion Authentication Bypass Vulnerability
- Apple Safari PDF Javascript Security Bypass Bypass Vulnerability
- appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities
- A-A-S Application Access Server Multiple Vulnerabilities
- ActivDesk Multiple Cross Site Scripting and SQL Injection Vulnerabilities