Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) Title, (2) File name, or (3) Candidate Name field.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
avanset visual certexam manager 3.0 |
||
avanset visual certexam manager 2.8.1 |
||
avanset visual certexam manager 2.3 |
||
avanset visual certexam manager 2.1.1 |
||
avanset visual certexam manager 3.2 |
||
avanset visual certexam manager 3.1.1 |
||
avanset visual certexam manager 2.6 |
||
avanset visual certexam manager 2.5 |
||
avanset visual certexam manager |
||
avanset visual certexam manager 3.2.1 |
||
avanset visual certexam manager 2.8 |
||
avanset visual certexam manager 2.7 |
||
avanset visual certexam manager 2.1 |
||
avanset visual certexam manager 2.0 |
||
avanset visual certexam manager 3.1 |
||
avanset visual certexam manager 3.0.1 |
||
avanset visual certexam manager 2.4.2 |
||
avanset visual certexam manager 2.4.1 |
||
avanset visual certexam manager 2.4 |
Vulmon