CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-47918

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.6%

CVSS Severity

CVSS v3 Score 8.1

References

https://simplephpscripts.com/simple-cms-php
https://www.vulncheck.com/advisories/simple-cms-sql-injection-vulnerability-via-users-module2
https://www.vulnerability-lab.com/get_content.php?id=2303

Products affected by CVE-2021-47918

Simplephpscripts » Simple Cms Php » Version: 2.1

cpe:2.3:a:simplephpscripts:simple_cms_php:2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-47918

Products

Pricing

Contact Us