Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2021-41649

Description

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.

POC

Reference

- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41649

Github

- https://github.com/20142995/nuclei-templates

- https://github.com/2lambda123/CVE-mitre

- https://github.com/2lambda123/Windows10Exploits

- https://github.com/ARPSyndicate/cvemon

- https://github.com/ARPSyndicate/kenzer-templates

- https://github.com/MobiusBinary/CVE-2021-41649

- https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame

- https://github.com/StarCrossPortal/scalpel

- https://github.com/anonymous364872/Rapier_Tool

- https://github.com/apif-review/APIF_tool_2024

- https://github.com/apit-review-account/apit-tool

- https://github.com/nu11secur1ty/CVE-mitre

- https://github.com/nu11secur1ty/CVE-nu11secur1ty

- https://github.com/nu11secur1ty/Windows10Exploits

- https://github.com/youcans896768/APIV_Tool