cve/CVE-2021-37808.md at b50325b7a339fb96f218f7b1a001c5a2ad067468

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

SQL Injection vulnerabilities exist in https://phpgurukul.com News Portal Project 3.1 via the (1) category, (2) subcategory, (3) sucatdescription, and (4) username parameters, the server response is about (N) seconds delay respectively which mean it is vulnerable to MySQL Blind (Time Based). An attacker can use sqlmap to further the exploitation for extracting sensitive information from the database.

POC

Reference

https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-37808
https://packetstormsecurity.com/files/163575/News-Portal-Project-3.1-SQL-Injection.html

Github

https://github.com/2lambda123/CVE-mitre
https://github.com/2lambda123/Windows10Exploits
https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame
https://github.com/nu11secur1ty/CVE-mitre
https://github.com/nu11secur1ty/CVE-nu11secur1ty
https://github.com/nu11secur1ty/Windows10Exploits

1.2 KiB Raw Blame History

CVE-2021-37808

Description

POC

Reference

Github

1.2 KiB

Raw Blame History