CVE-2021-44655

critical

Description

Online Pre-owned/Used Car Showroom Management System 1.0 contains a SQL injection authentication bypass vulnerability. Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form allowing attacker to get admin access on the application.

References

https://www.nu11secur1ty.com/2021/12/cve-2021-44655.html

https://www.exploit-db.com/exploits/50560

https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44655

Details

Source: Mitre, NVD

Published: 2021-12-15

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00229