Vulnerability Details CVE-2021-38841
Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.079
EPSS Ranking 91.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- https://www.exploit-db.com/exploits/50205
- https://www.sourcecodester.com/php/14906/simple-water-refilling-station-management-system-php-free-source-code.html
- https://www.sourcecodester.com/users/tips23
- https://www.exploit-db.com/exploits/50205
- https://www.sourcecodester.com/php/14906/simple-water-refilling-station-management-system-php-free-source-code.html
- https://www.sourcecodester.com/users/tips23
Products affected by CVE-2021-38841
-
Simple Water Refilling Station Management System Project » Simple Water Refilling Station Management System » Version: 1.0cpe:2.3:a:simple_water_refilling_station_management_system_project:simple_water_refilling_station_management_system:1.0