3 matches found
CVE-2021-3278
CVE-2021-3278 affects Local Service Search Engine Management System 1.0. A SQL injection flaw in the authentication flow allows bypassing the login page, enabling unauthorized access. The entry is evidenced by multiple sources (NVD/CVE lists, Exploit-DB) showing a login bypass via SQLi; CVSS 3.1 ...
CVE-2021-27999
CVE-2021-27999 affects Local Services Search Engine Management System Project 1.0. The vulnerability is a SQL injection in the editid parameter that enables admins to dump all data from the database. Exploitation details are not provided beyond the description; no patch/version is specified in th...
CVE-2021-28000
CVE-2021-28000 describes a persistent cross-site scripting vulnerability in the Local Services Search Engine Management System Project 1.0. The issue allows remote attackers to execute arbitrary code via crafted payloads entered into the Name and Address fields. The connected documents corroborat...