CVE-2021-43130
Vendor
Description:
An SQL Injection vulnerability exists in Sourcecodester Customer Relationship Management System (CRM) 1.0 via the username parameter in customer/login.php. The parameter username is not sanitizing for malicious POST Requests, the malicious user can use a malicious payload to bypass admin login.
