VYPR

CSMS

by Oretnom23

CVEs (1)

  • CVE-2021-45253CriDec 21, 2021
    risk 0.64cvss 9.8epss 0.01

    The id parameter in view_storage.php from Simple Cold Storage Management System 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The…