Easy Test Project: >> Easy Test >> 17l18s Security Vulnerabilities
The Download function’s parameter of EasyTest has insufficient validation for user input. A remote attacker authenticated as a general user can inject arbitrary SQL command to access, modify or delete database.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-01-03
The Administrator function of EasyTest has an Incorrect Authorization vulnerability. A remote attacker authenticated as a general user can exploit this vulnerability to bypass the intended access restrictions, to make API functions calls, manipulate system and terminate service.
CVSS Score
8.8
EPSS Score
0.0
Published
2023-01-03