- Visit the CWP Control Panlel url :
- Enter a valid username and any email address (here the attacker will put his email id) Capture the request in Burp Suite
Click Forward In the next intercept, change the value "0" to "1"
[description] | |
SQL injection in "/Framewrk/Home.jsp" file (POST method) in "tCredence" allows authenticated remote attackers to inject payload via "v" parameter. | |
------------------------------------------ | |
[Vulnerability Type] | |
SQL Injection | |
------------------------------------------ |
Vulnerability Description: Cross-Site Scripting (XSS) in MOODLE 3.10.9 | |
Affected Product: MOODLE | |
Affected Version(s): 3.10.9 (Versions prior to 3.11.4 might also be affected) | |
CVE ID: Not assigned (hypothetical) | |
Description: |