Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component admin/users.php?source=add_user. These vulnerabilities can be exploited through a crafted POST request via the user_name, user_firstname,user_lastname, or user_email parameters.
References
Link | Resource |
---|---|
https://github.com/Nguyen-Trung-Kien/CVE | Third Party Advisory |
https://github.com/Nguyen-Trung-Kien/CVE/tree/main/CVE-2021-46459 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-01-31T18:38:22
Updated: 2022-01-31T18:38:22
Reserved: 2022-01-24T00:00:00
Link: CVE-2021-46459
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-01-31T19:15:08.047
Modified: 2022-02-04T19:40:35.067
Link: CVE-2021-46459
JSON object: View
Redhat Information
No data.
CWE