← volver
CVE-2021-41647

CVE-2021-41647

EPSS 1.9%
An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.htmlhttps://github.com/kaushikjadhav01/Online-Food-Ordering-Web-Apphttps://github.com/MobiusBinary/CVE-2021-41647https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647