Sourcecodetester Printable Staff ID Card Creator System 1.0 sql injection

A vulnerability was found in Sourcecodetester Printable Staff ID Card Creator System 1.0. It has been classified as critical. This affects some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field01/12/2022 08:41 PM01/15/2022 10:17 AM
urlhttps://www.exploit-db.com/exploits/49877https://www.exploit-db.com/exploits/49877
availability11
publicity11
urlhttps://www.exploit-db.com/exploits/49877https://www.exploit-db.com/exploits/49877
cveCVE-2021-45411CVE-2021-45411
cve_assigned16399548001639954800
exploitdb4987749877
date1641942000 (01/12/2022)1641942000 (01/12/2022)
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_ePOCPOC
cvss2_vuldb_rcURUR
cvss2_vuldb_auSS
cvss2_vuldb_rlNDND
cvss3_vuldb_prLL
cvss3_vuldb_rlXX
cvss2_vuldb_basescore6.56.5
cvss2_vuldb_tempscore5.65.6
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore5.75.7
cvss3_meta_basescore6.36.3
cvss3_meta_tempscore5.75.7
price_0day$0-$5k$0-$5k
vendorSourcecodetesterSourcecodetester
namePrintable Staff ID Card Creator SystemPrintable Staff ID Card Creator System
version1.01.0
cwe89 (sql injection)89 (sql injection)
risk22
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_ePP
cvss3_vuldb_rcRR
identifier4987749877
cve_nvd_summaryIn Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution.

Do you need the next level of professionalism?

Upgrade your account now!