Security Advisory

CVE-2021-41647

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-01 14:32:43

Last updated 2024-08-04 03:15:29

Assigner mitre

State PUBLISHED

Description

An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.

← Browse all CVEs View on cve.org ↗