exploitDog

CVE-2021-43510

Опубликовано: 01 фев. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Средний

Описание

SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the username field in login.php.

Ссылки

https://github.com/r4hn1/Simple-Client-Management-System-Exploit/blob/main/CVE-2021-43510
Exploit
Third Party Advisory
https://r4hn1.medium.com/journey-to-first-two-cve-by-rahul-kalnarayan-307e2e87ee26
Exploit
Third Party Advisory
https://github.com/r4hn1/Simple-Client-Management-System-Exploit/blob/main/CVE-2021-43510
Exploit
Third Party Advisory
https://r4hn1.medium.com/journey-to-first-two-cve-by-rahul-kalnarayan-307e2e87ee26
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_client_management_system_project:simple_client_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.67767

Средний

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-gxfc-gg6p-8hg5

github

около 4 лет назад

SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the username field in login.php.

EPSS

Процентиль: 99%

0.67767

Средний

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89