CVEs-PoC/2021/CVE-2021-43481.md

CVE-2021-43481

Description

An SQL Injection vulnerability exists in Webtareas 2.4p3 and earlier via the $uq HTTP POST parameter in editapprovalstage.php.

POC

Reference

• http://packetstormsecurity.com/files/167026/WebTareas-2.4-SQL-Injection.html
• https://behradtaher.dev/2021/11/05/Discovering-a-Blind-SQL-Injection-Whitebox-Approach/

Github

• https://github.com/20142995/nuclei-templates
• https://github.com/ARPSyndicate/cvemon
• https://github.com/cyb3r-w0lf/nuclei-template-collection