CVEブラウザに戻る

CVE-2021-36560

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1570%

EPSS Percentile13.38th

Published2021年11月2日

Last Modified2024年11月21日

Vulnerability Description

Phone Shop Sales Managements System using PHP with Source Code 1.0 is vulnerable to authentication bypass which leads to account takeover of the admin.

Affected Platforms (CPE)

📦

Phone Shop Sales Management System Project

Phone Shop Sales Management System

= 1.0

References & Advisories

🔗 https://pratikkhalane91.medium.com/cve-2021-35559-bb62022dd08a

🔗 https://www.sourcecodester.com/

🔗 https://pratikkhalane91.medium.com/cve-2021-35559-bb62022dd08a

🔗 https://www.sourcecodester.com/

関連する脆弱性情報

CVE-2021-366239.8

Arbitrary File Upload in Sourcecodester Phone Shop Sales Management System 1.0 enables RCE.

CVE-2021-366249.8

Sourcecodester Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for a...

CVE-2021-353374.3

Sourcecodester Phone Shop Sales Managements System 1.0 is vulnerable to Insecure Direct Object Reference (IDOR). Any attacker will...

CVE-2021-4422810.0

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration...