Main Banks Non-banking financial sector Cyber fraud

CVE-2018-16175

SQL injection vulnerability in the LearnPress prior to version 3.1.0 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors.

    Product

  • thimpress learnpress 1.0
  • thimpress learnpress 2.0.6
  • thimpress learnpress 2.0.9
  • thimpress learnpress 2.1.0
  • thimpress learnpress 2.1.3
  • thimpress learnpress 2.1.4
  • thimpress learnpress 2.1.5.2
  • thimpress learnpress 2.1.5.3
  • thimpress learnpress 2.1.6
  • thimpress learnpress 2.1.7
  • thimpress learnpress 2.1.8
  • thimpress learnpress 3.0.0

Score

6.5

Source

http://nvd.nist.gov

Access-complexity

LOW

Access-vector

NETWORK