CVE-2021-42334

Summary

The Easytest contains SQL injection vulnerabilities. After obtaining a user’s privilege, remote attackers can inject SQL commands into the parameters of the elective course management page to obtain all database and administrator permissions.

Affected Software

VendorProductVersion RangeStatus
Huachu Digital Technology Co.,Ltd.Easytest1705affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References