CVE-2021-41472

CRITICAL

Simple Membership System - SQL Injection via Username and Password Parameters

Title source: llm
STIX 2.1

Description

SQL injection vulnerability in Sourcecodester Simple Membership System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password parameters.

References (1)

Core 1
Core References

Scores

CVSS v3 9.8
EPSS 0.0125
EPSS Percentile 66.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
simple_membership_system_using_php_and_ajax_project/simple_membership_system_using_php_and_ajax 1.0
Published Jan 24, 2022
Tracked Since Feb 18, 2026