Simple ChatBot 1.0
Vendor
CVE-2021-46427
Description:
An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the message parameter in Master.php.
The username parameter was not sanitized correctly. An attacker can take control of the system administrator account.
Status: CRITICAL
- In Action
- XSS-PHPSESSID-Hijacking
- SQL - Bypass Authentication:


