RSS   Vulnerabilities for
'Simple water refilling station management system'
   RSS

2021-09-07
 
CVE-2021-38840

CWE-89
 

 
SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter.

 
 
CVE-2021-38841

CWE-434
 

 
Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action.

 


Copyright 2024, cxsecurity.com

 

Back to Top