Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projectworlds online book store project 1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43740
Online Book Store Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'image' parameter of admin_edit.php page, allowing an authenticated malicious user to obtain Remote Code Execution on the server hosting the application.
Projectworlds Online Book Store Project 1.0
4.3
CVSSv2
CVE-2021-43156
In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote malicious user to delete any book.
Projectworlds Online Book Store Project In Php 1.0
7.5
CVSSv2
CVE-2021-43155
Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php.
Projectworlds Online Book Store Project In Php 1.0
7.5
CVSSv2
CVE-2020-19108
SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
7.5
CVSSv2
CVE-2020-19107
SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
7.5
CVSSv2
CVE-2020-19109
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
7.5
CVSSv2
CVE-2020-19110
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
7.5
CVSSv2
CVE-2020-19111
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote mailicious user bypass authentication and obtain sensitive information.
Projectworlds Online Book Store Project In Php 1.0
7.5
CVSSv2
CVE-2020-19112
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_delete.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
7.5
CVSSv2
CVE-2020-19113
Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution.
Projectworlds Online Book Store Project In Php 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »