Vulnerability Details CVE-2021-44966
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System-SQL-Injection-Bypass-Authentication
- https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System-SQL-Injection-Bypass-Authentication
Products affected by CVE-2021-44966
-
cpe:2.3:a:phpgurukul:employee_record_management_system:1.2