CVE-2021-26200: SQL Injection
First published: Mon Feb 15 2021(Updated: )
The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| code-projects Library System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-26200?
CVE-2021-26200 is a vulnerability in the user area for Library System 1.0 that allows SQL injection and enables a user to bypass authentication and login as the admin user.
How severe is CVE-2021-26200?
CVE-2021-26200 has a severity rating of 9.8, which is considered critical.
How does CVE-2021-26200 affect Library System 1.0?
CVE-2021-26200 affects Library System 1.0 in the user area, allowing for SQL injection and bypassing of authentication to login as the admin user.
What is the Common Weakness Enumeration (CWE) ID for CVE-2021-26200?
The Common Weakness Enumeration (CWE) ID for CVE-2021-26200 is CWE-89.
How can I fix CVE-2021-26200?
To fix CVE-2021-26200, it is recommended to apply the latest patch or update provided by Library System Project for Library System 1.0.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/library system project
- canonical/code-projects library system
- version/code-projects library system/1.0