19 Mai 2022
Vulnérabilité CVE-2021-37413 CVE Vulnerability
GRANDCOM DynWEB before 4.2 contains a SQL Injection vulnerability in the admin login interface. A remote unauthenticated attacker can exploit this vulnerability to obtain administrative access to the webpage, access the user database, modify web content and upload custom files. The backend login script does not verify and sanitize user-provided strings. (CVSS:0.0) (Last Update:2022-05-19)
Vulnerability Details : GRANDCOM DynWEB before 4.2 contains a SQL Injection vulnerability in the admin login interface. A remote unauthenticated attacker can exploit this vulnerability to obtain administrative access to the webpage, access the user database, modify web content and upload custom files. The backend login script does not verify and sanitize user-provided strings. Publish Date : 2022-05-19 Last Update Date : 2022-05-19 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2021-37413
- References For CVE-2021-37413
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2021-37413There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |