Description
SQL injection exists in LaiKetui v3.5.0 the background administrator list.
Affected Software
{"id": "CVE-2021-40955", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-40955", "description": "SQL injection exists in LaiKetui v3.5.0 the background administrator list.", "published": "2022-06-23T17:15:00", "modified": "2022-06-29T16:11:00", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.5}, "severity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.2, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-40955", "reporter": "cve@mitre.org", "references": ["https://github.com/bettershop/LaikeTui/issues/12"], "cvelist": ["CVE-2021-40955"], "immutableFields": [], "lastseen": "2022-06-29T18:55:56", "viewCount": 3, "enchantments": {"twitter": {"counter": 6, "tweets": [{"link": "https://twitter.com/WolfgangSesin/status/1540078599398735874", "text": "New post from https://t.co/uXvPWJy6tj (CVE-2021-40955) has been published on https://t.co/HJABC07HMx", "author": "WolfgangSesin", "author_photo": "https://pbs.twimg.com/profile_images/957011635369054208/Om3jbj7z_400x400.jpg"}, {"link": "https://twitter.com/www_sesin_at/status/1540078600719896576", "text": "New post from https://t.co/9KYxtdZjkl (CVE-2021-40955) has been published on https://t.co/FIWqJYvLCX", "author": "www_sesin_at", "author_photo": "https://pbs.twimg.com/profile_images/958100963822329858/fb_N8h5n_400x400.jpg"}, {"link": "https://twitter.com/WolfgangSesin/status/1542324740894900230", "text": "New post from https://t.co/uXvPWJy6tj (CVE-2021-40955 (laiketui)) has been published on https://t.co/OYFXDvhMqr", "author": "WolfgangSesin", "author_photo": "https://pbs.twimg.com/profile_images/957011635369054208/Om3jbj7z_400x400.jpg"}, {"link": "https://twitter.com/www_sesin_at/status/1542324741956067331", "text": "New post from https://t.co/9KYxtdZjkl (CVE-2021-40955 (laiketui)) has been published on https://t.co/bzcM1OJB8l", "author": "www_sesin_at", "author_photo": "https://pbs.twimg.com/profile_images/958100963822329858/fb_N8h5n_400x400.jpg"}]}, "score": {"value": 3.1, "vector": "NONE"}, "vulnersScore": 3.1}, "_state": {"twitter": 1656558816, "score": 1659865100, "dependencies": 1660016763}, "_internal": {"score_hash": "a9acfd304c5623b4102ebb54ab99f15f"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/a:laiketui:laiketui:3.5.0"], "cpe23": ["cpe:2.3:a:laiketui:laiketui:3.5.0:*:*:*:*:*:*:*"], "cwe": ["CWE-89"], "affectedSoftware": [{"cpeName": "laiketui:laiketui", "version": "3.5.0", "operator": "eq", "name": "laiketui"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:laiketui:laiketui:3.5.0:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://github.com/bettershop/LaikeTui/issues/12", "name": "https://github.com/bettershop/LaikeTui/issues/12", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory"]}]}
{}
CVE-2021-40955