CVE-2020-36945— WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass

WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass

WebDamn User Registration Login System contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating email credentials. Attackers can inject the payload '<email>' OR '1'='1' in both username and password fields to gain unauthorized access to the user panel.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

WebDamn User Registration Login System SQL注入漏洞

WebDamn User Registration Login System是WebDamn公司的一个用户注册与登录模块。 WebDamn User Registration Login System存在SQL注入漏洞，该漏洞源于对电子邮件凭据的操作不当，可能导致SQL注入攻击。

N/A

N/A