High severity8.2NVD Advisory· Published Jan 15, 2026· Updated Apr 15, 2026
CVE-2021-47777
CVE-2021-47777
Description
Build Smart ERP 21.0817 contains an unauthenticated SQL injection vulnerability in the 'eidValue' parameter of the login validation endpoint. Attackers can inject stacked SQL queries using payloads like ';WAITFOR DELAY '0:0:3'-- to manipulate database queries and potentially extract or modify database information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 21.0817
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.