Vulnerability Details CVE-2021-44593
Simple College Website 1.0 is vulnerable to unauthenticated file upload & remote code execution via UNION-based SQL injection in the username parameter on /admin/login.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.054
EPSS Ranking 89.7%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
References
- https://github.com/Mister-Joe/CVE-2021-44593
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44593
- https://www.nu11secur1ty.com/2022/01/cve-2021-44593.html
- https://www.sourcecodester.com/php/14548/simple-college-website-using-htmlphpmysqli-source-code.html
- https://github.com/Mister-Joe/CVE-2021-44593
- https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44593
- https://www.nu11secur1ty.com/2022/01/cve-2021-44593.html
- https://www.sourcecodester.com/php/14548/simple-college-website-using-htmlphpmysqli-source-code.html
Products affected by CVE-2021-44593
-
cpe:2.3:a:simple_college_website_project:simple_college_website:1.0