CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-42169

The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23 ) is vulnerable from remote SQL-Injection-Bypass-Authentication for the admin account. The parameter (username) from the login form is not protected correctly and there is no security and escaping from malicious payloads.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-21-100521
https://www.exploit-db.com/exploits/50403
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-21-100521
https://www.exploit-db.com/exploits/50403

Products affected by CVE-2021-42169

Simple Payroll System With Dynamic Tax Bracket Project » Simple Payroll System With Dynamic Tax Bracket » Version: 1.0

cpe:2.3:a:simple_payroll_system_with_dynamic_tax_bracket_project:simple_payroll_system_with_dynamic_tax_bracket:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42169

Products

Pricing

Contact Us