CVE-2021-44966
Summary
| CVE | CVE-2021-44966 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-13 15:15:00 UTC |
| Updated | 2023-09-25 16:46:00 UTC |
| Description | SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system. |
Risk And Classification
Problem Types: CWE-89
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Employee Record Management System Project | Employee Record Management System | 1.2 | All | All | All |
| Application | Phpgurukul | Employee Record Management System | 1.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-nu11secur1ty/vendors/PHPGURUKUL/ANUJ KUMAR/Employee-Record-Management-System-SQL-Injection-Bypass-Authentication at main · nu11secur1ty/CVE-nu11secur1ty · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.