Описание
The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication.
The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-41511
- https://github.com/Ni7inSharma/CVE-2021-41511
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41511
- https://streamable.com/9fq8uw
- https://www.exploit-db.com/exploits/50372
- https://www.nu11secur1ty.com/2021/10/cve-2021-41511.html
- https://www.sourcecodester.com/php/14883/lodging-reservation-management-system-php-free-source-code.html
- http://packetstormsecurity.com/files/164366/Lodging-Reservation-Management-System-1.0-SQL-Injection.html
Связанные уязвимости
CVSS3: 9.8
nvd
больше 4 лет назад
The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication.