CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-42665

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0910%
EPSS Percentile22.84th
Published2021年11月5日
Last Modified2024年11月21日

Vulnerability Description

An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication.

Affected Platforms (CPE)

📦
Engineers Online Portal Project

Engineers Online Portal

= 1.0

References & Advisories

🔗 https://github.com/TheHackingRabbi/CVE-2021-42665
🔗 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42665
🔗 https://www.exploit-db.com/exploits/50452
🔗 https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html
🔗 https://github.com/TheHackingRabbi/CVE-2021-42665
🔗 https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42665
🔗 https://www.exploit-db.com/exploits/50452
🔗 https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html

相关漏洞威胁

CVE-2021-426699.8

A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changi...

CVE-2021-426689.8

A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter in the my_classmates.ph...

CVE-2021-426709.8

A SQL injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to the announcements_st...

CVE-2021-434378.8

In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host header as seen by the web applicat...