CVE-2019-16264

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
16/09/2019
Last modified:
17/09/2019

Description

In Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado de Gestion Academica (GESAC) v1, the username parameter of the authentication form is vulnerable to SQL injection, allowing attackers to access the database.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:egpp:sistema_integrado_de_gestion_academica:1:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools