Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2021-41674

Description

An SQL Injection vulnerability exists in Sourcecodester E-Negosyo System 1.0 via the user_email parameter in /admin/login.php.

POC

Reference

- https://github.com/janikwehrli1/0dayHunt/blob/main/E-Negosyo-System-SQLi.txt

- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41674

Github

- https://github.com/2lambda123/CVE-mitre

- https://github.com/2lambda123/Windows10Exploits

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame

- https://github.com/nu11secur1ty/CVE-mitre

- https://github.com/nu11secur1ty/CVE-nu11secur1ty

- https://github.com/nu11secur1ty/Windows10Exploits