What is CVE-2021-41649?

CVE-2021-41649 is a vulnerability in N/a. Published 2021-10-01.

Is CVE-2021-41649 known to be exploited?

15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-41649

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.

EPSS: 0.919 (99.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

MobiusBinary/CVE-2021-41649
20142995/nuclei-templates
2lambda123/CVE-mitre
2lambda123/Windows10Exploits
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
Offensive-Penetration-Security/OPSEC-Hall-of-fame
StarCrossPortal/scalpel
anonymous364872/Rapier_
apif-review/APIF_

References

awesomeopensource.com/project/PuneethReddyHC/online-shopping-system (x_refsource_MISC)
streamable.com/aii806 (x_refsource_MISC)
github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41649 (x_refsource_MISC)
streamable.com/mnn7dn (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-41649?: CVE-2021-41649 is a vulnerability in N/a. Published 2021-10-01.
Is CVE-2021-41649 known to be exploited?: 15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.