Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-45821
HistoryMar 16, 2022 - 3:01 p.m.

CVE-2021-45821

2022-03-1615:01:28
mitre
www.cve.org
3
sql injection
xbtit 3.1
ajaxchat vulnerability
remote code execution
sensitive data extraction
security vulnerability

AI Score

9.2

Confidence

High

EPSS

0.005

Percentile

76.4%

JSON

A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order to get a remote code execution on the remote web server.

Related

cnvd 1
prion 1
nvd 1
cve 1
cnvd
cnvd
Xbtit SQL Injection Vulnerability
2022-03-18 00:00:00
prion
prion
Sql injection
2022-03-16 15:15:00
nvd
nvd
CVE-2021-45821
2022-03-16 15:15:16
cve
cve
CVE-2021-45821
2022-03-16 15:15:16

AI Score

9.2

Confidence

High

EPSS

0.005

Percentile

76.4%

JSON
Related for CVELIST:CVE-2021-45821
cnvd1prion1nvd1cve1