Lucene search
K

5 matches found

NVD
NVD
added 2021/11/03 7:15 p.m.37 views

CVE-2021-43140

SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login...

9.8CVSS0.04729EPSS
Exploits4References3
NVD
NVD
added 2021/11/03 7:15 p.m.24 views

CVE-2021-43141

Cross Site Scripting XSS vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in planapplication...

6.1CVSS0.01396EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/11/03 6:40 p.m.26 views

CVE-2021-43141

Cross Site Scripting XSS vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in planapplication...

6.1AI score0.01396EPSS
Exploits1References4
CVE
CVE
added 2021/11/03 6:40 p.m.186 views

CVE-2021-43141

CVE-2021-43141 affects Sourcecodester Simple Subscription Website 1.0. The vulnerability is a Cross Site Scripting (XSS) flaw exploitable via the id parameter in plan_application (and, per some sources, also via users_application). Root cause is improper handling/validation of user input in the a...

6.1CVSS6AI score0.01396EPSS
In wildExploits1References4Affected Software1
CVE
CVE
added 2021/11/03 6:38 p.m.80 views

CVE-2021-43140

Sourcecodester Simple Subscription Website 1.0 is affected by a SQL Injection in the login/authentication flow. The vulnerability arises in the login endpoint (e.g., plan_application/Actions.php?a=login) and can be exploited with input like admin' or 1=1-- to bypass authentication and potentially...

9.8CVSS9.8AI score0.04729EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder