Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-29214

EPSS 45.26% · P98
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-29214

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
SourceCodester Alumni Management System SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Sourcecodester Alumni Management System是美国Sourcecodester公司的一个基于Php、Mysql的校友管理系统。 SourceCodester Alumni Management System 1.0存在安全漏洞,该漏洞允许用户注入SQL有效载荷,以通过admin login.php绕过身份验证。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2020-29214

#POC DescriptionSource LinkShenlong Link
1Alumni Management System 1.0 contains a SQL injection vulnerability via admin/login in the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/alumni-management-sqli.yamlPOC Details
2SourceCodester Alumni Management System 1.0 contains a sql_injection caused by unsanitized input in admin/login.php, letting attackers bypass authentication, exploit requires injection of malicious SQL payload. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-29214.yamlPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-29214

登录查看更多情报信息。

Same Patch Batch · n/a · 2021-06-15 · 16 CVEs total

CVE-2021-233957.3 HIGHPrototype Pollution
CVE-2021-28857TP-Link TL-WPA4220 信息泄露漏洞
CVE-2021-28858TP-Link TL-WPA4220 信息泄露漏洞
CVE-2020-29215SourceCodester Employee Management System 跨站脚本漏洞
CVE-2021-27388Siemens SINAMICS SL150 输入验证错误漏洞
CVE-2021-33622Singularity 代码问题漏洞
CVE-2021-33887Peloton TTR01 数据伪造问题漏洞
CVE-2020-21316ZrLog 跨站脚本漏洞
CVE-2021-34170Bandai Namco FromSoftware Dark Souls III 安全漏洞
CVE-2021-34128LaikeTui 代码问题漏洞
CVE-2021-34129LaikeTui 路径遍历漏洞
CVE-2021-3592QEMU 缓冲区错误漏洞
CVE-2021-3593QEMU 缓冲区错误漏洞
CVE-2021-3594QEMU 缓冲区错误漏洞
CVE-2021-3595QEMU 缓冲区错误漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2020-29214

No comments yet

Leave a comment