Published: 21/01/2022 Updated: 03/02/2022

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Simple College Website 1.0 is vulnerable to unauthenticated file upload & remote code execution via UNION-based SQL injection in the username parameter on /admin/login.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
simple college website project simple college website 1.0

Public disclosure & writeup of CVE-2021-44593.

CVE-2021-44593 Public disclosure of CVE-2021-44593 A SQL injection/arbitrary file upload/remote code execution vulnerability in Simple College Website DESCRIPTION Simple College Website 10 is vulnerable to an unauthenticated union-based SQL injection in the "username" parameter of the /admin/loginphp page, which can then be leveraged to upload arbitrary files &

CWE-89 https://www.sourcecodester.com/php/14548/simple-college-website-using-htmlphpmysqli-source-code.html https://github.com/Mister-Joe/CVE-2021-44593 https://www.nu11secur1ty.com/2022/01/cve-2021-44593.html https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44593 https://nvd.nist.gov https://github.com/Mister-Joe/CVE-2021-44593

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-44593

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect