Search
Find a vulnerability
Search criteria
2 vulnerabilities by online_food_ordering_web_app_project
CVE-2021-41647 (GCVE-0-2021-41647)
Vulnerability from nvd – Published: 2021-10-01 14:32 – Updated: 2024-08-04 03:15
VLAI
Summary
An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/kaushikjadhav01/Online-Food-Or… | x_refsource_MISC |
| https://github.com/MobiusBinary/CVE-2021-41647 | x_refsource_MISC |
| http://packetstormsecurity.com/files/164422/Onlin… | x_refsource_MISC |
| https://github.com/nu11secur1ty/CVE-mitre/tree/ma… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:15:29.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kaushikjadhav01/Online-Food-Ordering-Web-App"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/MobiusBinary/CVE-2021-41647"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable \"username\" parameter in login.php and retrieve sensitive database information, as well as add an administrative user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-07T13:18:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kaushikjadhav01/Online-Food-Ordering-Web-App"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/MobiusBinary/CVE-2021-41647"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-41647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable \"username\" parameter in login.php and retrieve sensitive database information, as well as add an administrative user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/kaushikjadhav01/Online-Food-Ordering-Web-App",
"refsource": "MISC",
"url": "https://github.com/kaushikjadhav01/Online-Food-Ordering-Web-App"
},
{
"name": "https://github.com/MobiusBinary/CVE-2021-41647",
"refsource": "MISC",
"url": "https://github.com/MobiusBinary/CVE-2021-41647"
},
{
"name": "http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html"
},
{
"name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647",
"refsource": "MISC",
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41647",
"datePublished": "2021-10-01T14:32:43.000Z",
"dateReserved": "2021-09-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:15:29.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41647 (GCVE-0-2021-41647)
Vulnerability from cvelistv5 – Published: 2021-10-01 14:32 – Updated: 2024-08-04 03:15
VLAI
Summary
An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/kaushikjadhav01/Online-Food-Or… | x_refsource_MISC |
| https://github.com/MobiusBinary/CVE-2021-41647 | x_refsource_MISC |
| http://packetstormsecurity.com/files/164422/Onlin… | x_refsource_MISC |
| https://github.com/nu11secur1ty/CVE-mitre/tree/ma… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:15:29.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kaushikjadhav01/Online-Food-Ordering-Web-App"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/MobiusBinary/CVE-2021-41647"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable \"username\" parameter in login.php and retrieve sensitive database information, as well as add an administrative user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-07T13:18:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kaushikjadhav01/Online-Food-Ordering-Web-App"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/MobiusBinary/CVE-2021-41647"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-41647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable \"username\" parameter in login.php and retrieve sensitive database information, as well as add an administrative user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/kaushikjadhav01/Online-Food-Ordering-Web-App",
"refsource": "MISC",
"url": "https://github.com/kaushikjadhav01/Online-Food-Ordering-Web-App"
},
{
"name": "https://github.com/MobiusBinary/CVE-2021-41647",
"refsource": "MISC",
"url": "https://github.com/MobiusBinary/CVE-2021-41647"
},
{
"name": "http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164422/Online-Food-Ordering-Web-App-SQL-Injection.html"
},
{
"name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647",
"refsource": "MISC",
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41647"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-41647",
"datePublished": "2021-10-01T14:32:43.000Z",
"dateReserved": "2021-09-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:15:29.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}