CVE-2021-47846

Name of the Vulnerable Software and Affected Versions Digital Crime Report Management System version 1.0

Description An SQL injection issue affecting multiple login pages allows unauthenticated attackers to bypass authentication. This is achieved by sending crafted SQL injection payloads in the email and password parameters through the 'police', 'incharge', 'user', and 'HQ' login endpoints.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.