Metrics
Affected Vendors & Products
Thu, 31 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Shanghai Gedan Network Technology
Shanghai Gedan Network Technology teaching |
|
CPEs | cpe:2.3:a:shanghai_gedan_network_technology:teaching:*:*:*:*:*:*:*:* | |
Vendors & Products |
Shanghai Gedan Network Technology
Shanghai Gedan Network Technology teaching |
|
Metrics |
ssvc
|
Wed, 30 Oct 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability classified as critical was found in open-scratch Teaching 在线教学平台 up to 2.7. This vulnerability affects unknown code of the file /api/sys/ng-alain/getDictItemsByTable/ of the component URL Handler. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
Title | open-scratch Teaching 在线教学平台 URL getDictItemsByTable sql injection | |
Weaknesses | CWE-89 | |
References |
| |
Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2024-10-30T19:31:06.659Z
Updated: 2024-10-31T13:41:42.172Z
Reserved: 2024-10-30T13:41:19.316Z
Link: CVE-2024-10546
Updated: 2024-10-31T13:41:31.197Z
Status : Awaiting Analysis
Published: 2024-10-30T20:15:03.700
Modified: 2024-11-21T08:48:43.797
Link: CVE-2024-10546
No data.