What is CVE-2021-41648?

CVE-2021-41648 is a vulnerability in N/a. Published 2021-10-01.

Is CVE-2021-41648 known to be exploited?

10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-41648

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input.

EPSS: 0.754 (98.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

awesomeopensource.com/project/PuneethReddyHC/online-shopping-system (x_refsource_MISC)
github.com/MobiusBinary/CVE-2021-41648 (x_refsource_MISC)
packetstormsecurity.com/files/165036/PuneethReddyHC-Online-Shopping-System-Adva… (x_refsource_MISC)
github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41648 (x_refsource_MISC)
www.nu11secur1ty.com/2021/11/cve-2021-41648.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-41648?: CVE-2021-41648 is a vulnerability in N/a. Published 2021-10-01.
Is CVE-2021-41648 known to be exploited?: 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.