Authenticated Blind & Error-based SQL Injection Vulnerability in Online Enrollment Management System and PayPal Free Source Code 1.0

Authenticated Blind & Error-based SQL Injection Vulnerability in Online Enrollment Management System and PayPal Free Source Code 1.0

CVE-2021-40578 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment Management System in PHP and PayPal Free Source Code 1.0, that allows attackers to obtain sensitive information and execute arbitrary SQL commands via IDNO parameter.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.