Vulnerability Database

322,732

Total vulnerabilities in the database

CVE-2021-47846

Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. Attackers can exploit the vulnerability by sending crafted SQL injection payloads in email and password parameters across police, incharge, user, and HQ login endpoints.

Published: Jan 21, 2026
Updated: Jan 22, 2026
CVE: CVE-2021-47846
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.2
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

No affected software listed.

https://iwantfilemanager.com/?dl=b48d951cbdd50568b031aab3b619fed2
https://iwantsourcecodes.com/digital-crime-report-management-system-in-php-with-source-code/
https://www.exploit-db.com/exploits/49761
https://www.vulncheck.com/advisories/digital-crime-report-management-system-sql-injection

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo