CVE-2023-5634

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ArslanSoft Education Portal allows SQL Injection. This issue affects Education Portal: before v1.1.

critical 9.8 CVSS 3.1
Published: Dec 1, 2023
Modified: May 21, 2026
Vendor: Arslansoft Education Portal Project
Product: Arslansoft Education Portal

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ArslanSoft Education Portal allows SQL Injection.

This issue affects Education Portal: before v1.1.

References

Related CVEs

CVE-2023-5635 high · 7.5
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting. This issue affects Education Portal: be
CVE-2023-5636 critical · 9.8
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection. This issue affects Education Portal: before v1.1.
CVE-2023-5637 high · 7.5
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable. This issue affects Education Porta