CVE-2021-41648 Scanner
Detects 'SQL Injection' vulnerability in Puneeth Reddy H C Online Shopping System affects v. 1.0.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month
Scan only one
URL
Toolbox
-
Puneeth Reddy H C Online Shopping System is a widely used platform for online shopping. It serves as a bridge between the customer and the seller. The system provides a user-friendly interface for customers to browse and shop for products. Customers can search through various categories of products and add them to their cart for buying.
In CVE-2021-41648, the system encountered a serious vulnerability that allowed the injection of malicious SQL code. The vulnerability could be exploited through the prId parameter in the action.php file. Since the user input wasn't sanitized, attackers could execute SQL commands to read or modify the data.
Exploiting this vulnerability could lead to a range of serious consequences. Attackers could steal sensitive user information like name, address, contact details, and financial data. Additionally, they could modify the data, rendering the system unusable or even disrupting business operations.
Thanks to the pro features of the s4e.io platform, users can quickly and easily discover any vulnerabilities present in their digital assets. The platform provides an extensive database of common vulnerabilities and exposures (CVEs) that can threaten systems. By using the platform, users can take effective steps to neutralize any potential vulnerabilities in their digital assets before they can be exploited.
REFERENCES