mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-10 11:57:37 +02:00
marc
1.3 KiB
1.3 KiB
CVE-2021-41647
Description
An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.
POC
Reference
- http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html
- https://github.com/MobiusBinary/CVE-2021-41647
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647
Github
- https://github.com/2lambda123/CVE-mitre
- https://github.com/2lambda123/Windows10Exploits
- https://github.com/ARPSyndicate/cvemon
- https://github.com/MobiusBinary/CVE-2021-41647
- https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame
- https://github.com/nu11secur1ty/CVE-mitre
- https://github.com/nu11secur1ty/CVE-nu11secur1ty
- https://github.com/nu11secur1ty/Windows10Exploits