| Title | 上海鸽蛋网络科技有限公司 Teaching online teaching platform v2.7 SQL Injection |
|---|
| Description | Teaching is an open-source system developed in Java by Shanghai Pigeon Egg Network Technology Co., Ltd. It offers a low-cost trial opportunity for institutions and schools to provide STEAM online education solutions. The platform integrates CRM, academic management, homework, question bank, competition, and community systems. It also encapsulates common tools such as various utility classes, WeChat ecosystem integration, and payment integration. The official open-source address is: https://github.com/open-scratch/teaching-open
The Teaching online teaching platform <= version 2.7 has a SQL injection vulnerability. Attackers can exploit this vulnerability to obtain sensitive system data. |
|---|
| Source | ⚠️ https://wiki.shikangsi.com/post/share/dfde9afc-8d64-4022-a6ca-3c1a323c5e66 |
|---|
| User | wiki (UID 72124) |
|---|
| Submission | 10/22/2024 04:50 (8 months ago) |
|---|
| Moderation | 10/30/2024 14:41 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 282520 [open-scratch Teaching 在线教学平台 up to 2.7 URL getDictItemsByTable sql injection] |
|---|
| Points | 20 |
|---|