SQL Injection Vulnerability in Sourcecodester Budget and Expense Tracker System v1: Arbitrary SQL Command Execution via Username Field

SQL Injection Vulnerability in Sourcecodester Budget and Expense Tracker System v1: Arbitrary SQL Command Execution via Username Field

CVE-2021-40247 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SQL injection vulnerability in Sourcecodester Budget and Expense Tracker System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username field.

Learn more about our User Device Pen Test.