Vulnerability Description
WebDamn User Registration Login System contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating email credentials. Attackers can inject the payload '<email>' OR '1'='1' in both username and password fields to gain unauthorized access to the user panel.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://webdamn.com/
- https://webdamn.com/user-management-system-with-php-mysql/
- https://www.exploit-db.com/exploits/49170
- https://www.vulncheck.com/advisories/webdamn-user-registration-login-system-with
- https://www.exploit-db.com/exploits/49170
FAQ
What is CVE-2020-36945?
CVE-2020-36945 is a vulnerability with a CVSS score of 8.2 (HIGH). WebDamn User Registration Login System contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login authentication by manipulating email credentials. Attackers can inje...
How severe is CVE-2020-36945?
CVE-2020-36945 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-36945?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.