First published: Wed Oct 13 2021(Updated: )
SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ifsc Code Finder Project Ifsc Code Finder | =1.0 | |
=1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-42224 is critical with a CVSS score of 9.8.
The affected software of CVE-2021-42224 is IFSC Code Finder Project version 1.0.
The vulnerability manifests as a SQL Injection vulnerability in the searchifsccode POST parameter in /search.php of the IFSC Code Finder Project 1.0.
Yes, there are known exploits available for CVE-2021-42224. You can find them at the following references: [exploit-db.com](https://www.exploit-db.com/exploits/50391), [packetstormsecurity.com](http://packetstormsecurity.com/files/164514/IFSC-Code-Finder-Project-1.0-SQL-Injection.html), [github.com](https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-42224).
To fix CVE-2021-42224, patch or update the IFSC Code Finder Project to a version that resolves the SQL Injection vulnerability.