Unrated severityNVD Advisory· Published Apr 10, 2014· Updated Jun 17, 2026
CVE-2014-1455
CVE-2014-1455
Description
SQL injection vulnerability in the password reset functionality in Pearson eSIS Enterprise Student Information System, possibly 3.3.0.13 and earlier, allows remote attackers to execute arbitrary SQL commands via the new password.
Affected products
2cpe:2.3:a:pearson:esis_enterprise_student_information_system:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:pearson:esis_enterprise_student_information_system:*:*:*:*:*:*:*:*range: <=3.3.0.13
- (no CPE)range: <=3.3.0.13
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.