Vulnerability CVE-2021-44653

Vulnerability CVE-2021-44653

Published: 2021-12-15

Description:

Online Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. The Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form allowing attacker to gain access as admin to the application.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Online magazine management system project -> Online magazine management system

References:

https://www.exploit-db.com/exploits/50561

Copyright 2024, cxsecurity.com