Search Results | AttackerKB

Show filters

Topics 2 Users 9,708

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2 Total Results

Displaying 1-2 of 2

Attacker Value

Very High

CVE-2021-38840

Disclosure Date: September 07, 2021 (last updated February 23, 2025)

SQL Injection can occur in Simple Water Refilling Station Management System 1.0 via the water_refilling/classes/Login.php username parameter.

Attack Vector: Network Privileges: None User Interaction: None

2

Attacker Value

Unknown

CVE-2021-38841

Disclosure Date: September 07, 2021 (last updated February 23, 2025)

Remote Code Execution can occur in Simple Water Refilling Station Management System 1.0 via the System Logo option on the system_info page in classes/SystemSettings.php with an update_settings action.

Attack Vector: Network Privileges: Low User Interaction: None

0