CVE-2021-38833

CRITICAL

9.8

Beschreibung

SQL injection vulnerability in PHPGurukul Apartment Visitors Management System (AVMS) v. 1.0 allows attackers to execute arbitrary SQL statements and to gain RCE.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht9/13/2021

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

apartment_visitors_management_system_project:apartment_visitors_management_system

Schwachen (CWE)

CWE-89

Referenzen

https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38833(cve@mitre.org)

https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/(cve@mitre.org)

https://streamable.com/ojobew(cve@mitre.org)

https://www.exploit-db.com/exploits/50288(cve@mitre.org)

https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38833(af854a3a-2127-422b-91ae-364da2661108)

https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/(af854a3a-2127-422b-91ae-364da2661108)

https://streamable.com/ojobew(af854a3a-2127-422b-91ae-364da2661108)

https://www.exploit-db.com/exploits/50288(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.