CVE-2021-27999

MEDIUM

Local Services Search Engine <1.0 - SQL Injection

Title source: llm
STIX 2.1

Description

A SQL injection vulnerability was discovered in the editid parameter in Local Services Search Engine Management System Project 1.0. This vulnerability gives admin users the ability to dump all data from the database.

Scores

CVSS v3 4.9
EPSS 0.0084
EPSS Percentile 53.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-89
Status published
Products (1)
local_services_search_engine_management_system_project/local_services_search_engine_management_system 1.0
Published Aug 19, 2021
Tracked Since Feb 18, 2026