CVE-2021-42665

Опубликовано: 05 нояб. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication.

Ссылки

https://github.com/TheHackingRabbi/CVE-2021-42665
Exploit
Third Party Advisory
https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42665
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/50452
Exploit
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html
Product
Third Party Advisory
https://github.com/TheHackingRabbi/CVE-2021-42665
Exploit
Third Party Advisory
https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42665
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/50452
Exploit
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html
Product
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:engineers_online_portal_project:engineers_online_portal:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05414

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-5vc7-wq49-64h9

github

больше 3 лет назад