CVE-2021-43451

SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the Email POST parameter in /forgetpassword.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpgurukul:employee_record_management_system:1.2:*:*:*:*:*:*:*

History

21 Nov 2024, 06:29

Type Values Removed Values Added
References () https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System-SQL-Injection - Third Party Advisory () https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/PHPGURUKUL/ANUJ%20KUMAR/Employee-Record-Management-System-SQL-Injection - Third Party Advisory
References () https://www.exploit-db.com/exploits/50467 - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/50467 - Exploit, Third Party Advisory, VDB Entry
References () https://www.nu11secur1ty.com/2021/12/cve-2021-43451.html - Exploit, Third Party Advisory () https://www.nu11secur1ty.com/2021/12/cve-2021-43451.html - Exploit, Third Party Advisory

25 Sep 2023, 16:46

Type Values Removed Values Added
CPE cpe:2.3:a:employee_record_management_system_project:employee_record_management_system:1.2:*:*:*:*:*:*:* cpe:2.3:a:phpgurukul:employee_record_management_system:1.2:*:*:*:*:*:*:*
First Time Phpgurukul
Phpgurukul employee Record Management System

Information

Published : 2021-12-01 19:15

Updated : 2024-11-21 06:29


NVD link : CVE-2021-43451

Mitre link : CVE-2021-43451

CVE.ORG link : CVE-2021-43451


JSON object : View

Products Affected

phpgurukul

  • employee_record_management_system
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')