CVE-2021-45411
Description
In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution.
- CVSS Version 3.1
- CVSS Version 2.0
nvd
CVE ID: CVE-2021-45411
Base Score: 9.8
Base Severity: CRITICAL
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
nvd
CVE ID: CVE-2021-45411
Base Score: 7.5
Base Severity: HIGH
Vector String:AV:N/AC:L/Au:N/C:P/I:P/A:P
Refrence: NVD