{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-27T19:10:37", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/martinkubecka/CVE-References/blob/main/Untitled-SQLi.md"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/martinkubecka/CVE-References/blob/main/CVE-2021-41433.md"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-41433", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/martinkubecka/CVE-References/blob/main/Untitled-SQLi.md", "refsource": "MISC", "url": "https://github.com/martinkubecka/CVE-References/blob/main/Untitled-SQLi.md"}, {"name": "https://github.com/martinkubecka/CVE-References/blob/main/CVE-2021-41433.md", "refsource": "MISC", "url": "https://github.com/martinkubecka/CVE-References/blob/main/CVE-2021-41433.md"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T03:15:27.297Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/martinkubecka/CVE-References/blob/main/Untitled-SQLi.md"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/martinkubecka/CVE-References/blob/main/CVE-2021-41433.md"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-41433", "datePublished": "2022-09-27T19:10:37", "dateReserved": "2021-09-20T00:00:00", "dateUpdated": "2024-08-04T03:15:27.297Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:resumes_management_and_job_application_website_application_project:resumes_management_and_job_application_website_application:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2FAB8479-106F-4757-9510-8D65F80DD74A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de inyecci\u00f3n SQL en versi\u00f3n 1.0 de Resumes Management and Job Application Website application login form por EGavilan Media que permite omitir la autenticaci\u00f3n mediante el archivo login.php"}], "id": "CVE-2021-41433", "lastModified": "2024-11-21T06:26:14.560", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-27T23:15:12.457", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/martinkubecka/CVE-References/blob/main/CVE-2021-41433.md"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://github.com/martinkubecka/CVE-References/blob/main/Untitled-SQLi.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/martinkubecka/CVE-References/blob/main/CVE-2021-41433.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://github.com/martinkubecka/CVE-References/blob/main/Untitled-SQLi.md"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}