CVE-2021-27545

2021-04-1511:54:21

mitre

www.cve.org

cve-2021-27545

sql injection

add-services.php

phpgurukul beauty parlour management system

AI Score

7.1

Confidence

High

EPSS

0.044

Percentile

92.6%

JSON

SQL Injection in the “add-services.php” component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the “sername” parameter.

References

github.com/BigTiger2020/Beauty-Parlour-Management-System

packetstormsecurity.com/files/161468/Beauty-Parlour-Management-System-1.0-Cross-Site-Scripting.html

www.exploit-db.com/exploits/49580