14 Jan 2022
Vulnérabilité CVE-2021-45406 CVE Vulnerability
In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql' parameter in SQL query while generating a report. Upon successfully discovering the login admin password hash, it can be decrypted to obtain the plain-text password. (CVSS:0.0) (Last Update:2022-01-14)
Vulnerability Details : In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql' parameter in SQL query while generating a report. Upon successfully discovering the login admin password hash, it can be decrypted to obtain the plain-text password. Publish Date : 2022-01-14 Last Update Date : 2022-01-14 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2021-45406
- References For CVE-2021-45406
| ||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2021-45406There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |