CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/05/22 8:55 p.m.•0 views

CVE-2021-37413

GRANDCOM DynWEB before 4.2 contains a SQL Injection vulnerability in the admin login interface. A remote unauthenticated attacker can exploit this vulnerability to obtain administrative access to the webpage, access the user database, modify web content and upload custom files. The backend login...

9.8CVSS7.4AI score0.01705EPSS

Exploits2References1

OSV•added 2022/05/19 3:15 p.m.•1 views

CVE-2021-37413

9.8CVSS7.4AI score0.01705EPSS

Exploits2References2

NVD•added 2022/05/19 3:15 p.m.•9 views

CVE-2021-37413

9.8CVSS0.01705EPSS

Exploits2References2

Prion•added 2022/05/19 3:15 p.m.•8 views

Sql injection

7.5CVSS9.7AI score0.01705EPSS

Exploits2References2Affected Software1

CVE•added 2022/05/19 2:59 p.m.•62 views

CVE-2021-37413

CVE-2021-37413 affects GRANDCOM DynWEB before 4.2. The backend login script does not validate or sanitize user input, enabling a remote unauthenticated attacker to perform a SQL injection in the admin login interface. Consequences reported in sources include administrative access to the webpage, ...

9.8CVSS9.7AI score0.01705EPSS

Exploits2References2Affected Software1

Cvelist•added 2022/05/19 2:59 p.m.•11 views

CVE-2021-37413

10AI score0.01705EPSS

Exploits2References2

CNNVD•added 2022/05/19 12:0 a.m.•1 views

GRANDCOM DynWEB SQL注入漏洞

GRANDCOM DynWEB is the login management interface for a content management system from GRANDCOM Slovakia. A security vulnerability exists in GRANDCOM DynWEB versions prior to 4.2, which stems from a back-end login script that does not validate and clean up user-supplied strings. An unauthenticate...

9.8CVSS8.4AI score0.01705EPSS

Exploits2References3