CVE-2021-41433

EUVD-2021-28460
SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
resumes_management_and_job_application_website_application_projectresumes_management_and_job_application_website_application
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/martinkubecka/CVE-References/blob/main/CVE-2021-41433.md
https://github.com/martinkubecka/CVE-References/blob/main/Untitled-SQLi.md
https://github.com/martinkubecka/CVE-References/blob/main/CVE-2021-41433.md
https://github.com/martinkubecka/CVE-References/blob/main/Untitled-SQLi.md