An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php.
References
Link | Resource |
---|---|
https://cxsecurity.com/issue/WLB-2022010092 | Exploit Issue Tracking Third Party Advisory |
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/Simple%20ChatBot | Exploit Third Party Advisory |
https://www.exploit-db.com/exploits/50673 | Exploit Third Party Advisory VDB Entry |
https://www.nu11secur1ty.com/2022/01/cve-2021-46427-sql-injection-bypass.html | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2022-01-27 19:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-46427
Mitre link : CVE-2021-46427
CVE.ORG link : CVE-2021-46427
JSON object : View
Products Affected
simple_chatbot_application_project
- simple_chatbot_application
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')