CVE-2020-36945

Name of the Vulnerable Software and Affected Versions WebDamn (affected versions not specified)

Description The user registration and login system contains a SQL injection flaw, which is a technique where malicious SQL statements are inserted into entry fields for execution. This allows unauthenticated attackers to bypass login authentication by manipulating email credentials. By injecting the payload '' OR '1'='1' into the username and password fields, an attacker can gain unauthorized access to the user panel.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.