CVE-2021-45794

Name of the Vulnerable Software and Affected Versions Slims9 Bulian version 9.4.2

Description The issue affects the "/admin/modules/system/backup.php" API endpoint, allowing SQL injection attacks. This can result in the unauthorized obtainment of user data.

Recommendations For Slims9 Bulian version 9.4.2, consider restricting access to the "/admin/modules/system/backup.php" endpoint until a fix is available. Additionally, as a temporary workaround, review and limit the use of user data within the system to minimize potential damage. At the moment, there is no information about a newer version that contains a fix for this vulnerability.