Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Changjia_property_management_system
(Changjia_property_management_system_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-02-17 | CVE-2021-22856 | The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege. | Changjia_property_management_system | 7.5 | ||
| 2021-02-17 | CVE-2021-22857 | The CGE page with download function contains a Directory Traversal vulnerability. Attackers can use this loophole to download system files arbitrarily. | Changjia_property_management_system | 7.5 | ||
| 2021-02-17 | CVE-2021-22858 | Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions. | Changjia_property_management_system | 8.8 |