1. Home
  2. CVE Database
  3. CVE-2021-47846
HIGH · 8.2

CVE-2021-47846

Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. Attackers can ...

Vulnerability Description

Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. Attackers can exploit the vulnerability by sending crafted SQL injection payloads in email and password parameters across police, incharge, user, and HQ login endpoints.

CVSS Score

8.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
LOW
Availability
NONE

Related Weaknesses (CWE)

CWE-89

References

FAQ

What is CVE-2021-47846?

CVE-2021-47846 is a vulnerability with a CVSS score of 8.2 (HIGH). Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. Attackers can ...

How severe is CVE-2021-47846?

CVE-2021-47846 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-47846?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.