CVE-2021-41649

Published October 1st, 2021

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.

nu11secur1ty/CVE-mitre

https://cve.mitre.org/

GitHub

173