Vulnerability Details CVE-2021-46427
An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://cxsecurity.com/issue/WLB-2022010092
- https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple%20ChatBot
- https://www.exploit-db.com/exploits/50673
- https://www.nu11secur1ty.com/2022/01/cve-2021-46427-sql-injection-bypass.html
- https://cxsecurity.com/issue/WLB-2022010092
- https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple%20ChatBot
- https://www.exploit-db.com/exploits/50673
- https://www.nu11secur1ty.com/2022/01/cve-2021-46427-sql-injection-bypass.html
Products affected by CVE-2021-46427
-
cpe:2.3:a:simple_chatbot_application_project:simple_chatbot_application:1.0