CVE-2021-33470
CRITICALCOVID19 Testing Management System 1.0 - SQL Injection
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-33470. PoCs published by Rohit Burke.
AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in COVID19 Testing Management System 1.0, allowing an attacker to bypass authentication by injecting a malicious payload into the login form.
Description
COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel.
Exploits (1)
exploitdb
WORKING POC
by Rohit Burke · textwebappsphp
https://www.exploit-db.com/exploits/49886
This exploit demonstrates an SQL injection vulnerability in COVID19 Testing Management System 1.0, allowing an attacker to bypass authentication by injecting a malicious payload into the login form.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
COVID19 Testing Management System 1.0
No auth needed
Prerequisites:
Access to the login page of the target application
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (5)
Core 5
Core References
Third Party Advisory x_refsource_misc
https://phpgurukul.com/
Third Party Advisory, VDB Entry x_refsource_misc
https://www.exploit-db.com/exploits/49886
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/163014/COVID-19-Testing-Management-System-1.0-SQL-Injection.html
Exploit, Third Party Advisory x_refsource_misc
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-04
Exploit, Third Party Advisory x_refsource_misc
https://www.nu11secur1ty.com/2021/08/covid-19-contact-tracing-system-web-app.html
Scores
CVSS v3
9.8
EPSS
0.0227
EPSS Percentile
80.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (1)
phpgurukul/covid19_testing_management_system
1.0
Published
May 26, 2021
Tracked Since
Feb 18, 2026