SQL Injection Vulnerability in Testa Online Test Management System
CVE-2013-6873

Currently unrated

Key Information:

Vendor: Testa
Status: Online Test Management System
Vendor: CVE Published:; 26 November 2013

What is CVE-2013-6873?

The Testa Online Test Management System (OTMS) version 2.0.0.2 contains a SQL injection vulnerability that allows remote attackers to inject and execute arbitrary SQL commands through the 'test_id' parameter. This weakness could lead to unauthorized data access, manipulation of the database, and potential system compromise. It is crucial for organizations utilizing this software to implement security patches and conduct regular vulnerability assessments to safeguard their systems.

References

http://secunia.com/advisories/55752

third-party-advisoryx_refsource_SECUNIA

http://packetstormsecurity.com/files/124035/testa-sql.txt

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/89082

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 26, 2013
Vulnerability Reserved
Nov 26, 2013

CVE-2013-6873 Data

JSON