CVE-2020-10505

The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of SQL Injection, an attacker can use a union based injection query string to get databases schema and username/password. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt