CVE-2021-41647

Published
View on NVD ↗
CVSS v3
9.1
CRITICAL
CVSS v2
6.4
MEDIUM
Affected
3
PROJECTS

Description

An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.

nu11secur1ty/CVE-mitre
nu11secur1ty/CVE-mitre
https://cve.mitre.org/
GitHubGitHub
173
kaushikjadhav01/Online-Food-Ordering-Web-App
kaushikjadhav01/Online-Food-Ordering-Web-App
Online Food Ordering System Website using basic PHP, SQL, HTML & CSS. You can use any one of XAMPP, WAMP or LAMP server to run the Web App
GitHubGitHub
280
MobiusBinary/CVE-2021-41647
MobiusBinary/CVE-2021-41647
GitHubGitHub