Remote SQL Injection and Shell Upload in Online Pet Shop Web App by SourceCodester
CVE-2021-35456

9.8CRITICAL

Key Information:

Vendor

Online Pet Shop Web Application Project

Status
Online Pet Shop Web Application
Vendor
CVE Published:
28 June 2021

What is CVE-2021-35456?

The Online Pet Shop Web App 1.0 by SourceCodester is susceptible to remote SQL injection and shell upload vulnerabilities. These vulnerabilities allow attackers to manipulate the database and upload malicious scripts, potentially leading to unauthorized access and exploitation of the web application. It is essential for users and administrators to patch this vulnerability and implement security measures to protect sensitive data and prevent unauthorized actions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.sourcecodester.com/php/14839/online-pet-shop-...
x_refsource_MISC
https://packetstormsecurity.com/files/163282/Online-Pet-S...
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.