Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-36003
The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.
Online Book Store Project Online Book Store 1.0
7.5
CVSSv2
CVE-2005-0284
SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote malicious users to execute arbitrary SQL commands via the user-agent parameter.
Woltlab Burning Book 1.0 Gold
Woltlab Burning Book 1.1.1e
4.3
CVSSv2
CVE-2004-1867
Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest Book allows remote malicious users to inject arbitrary web script or HTML via the Name field.
Web Fresh Fresh Guest Book 1.0
Web Fresh Fresh Guest Book 2.0
Web Fresh Fresh Guest Book 2.1
1 EDB exploit
5
CVSSv2
CVE-2012-1670
admin/index.php in PHP Grade Book prior to 1.9.5 BETA allows remote malicious users to read the database via a SaveSQL action.
Phpgradebook Php Grade Book
Phpgradebook Php Grade Book 1.9.3
1 EDB exploit
5
CVSSv2
CVE-2018-13491
The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
Carrot Cartoon Book Coin Project Carrot Cartoon Book Coin -
3.5
CVSSv2
CVE-2022-1644
The Call&Book Mobile Bar WordPress plugin up to and including 1.2.2 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Call\\&book Mobile Bar Project Call\\&book Mobile Bar
4.3
CVSSv2
CVE-2005-4177
Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book Personal and Professional 2.0 allows remote malicious users to inject arbitrary web script or HTML via the StartRow parameter.
Cfmagic Magic Book Personal 2.0
Cfmagic Magic Book Professional 2.0
1 EDB exploit
NA
CVE-2023-43739
The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Book Store Project Project Online Book Store Project 1.0
NA
CVE-2022-45613
Book Store Management System v1.0 exists to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the publisher parameter.
Book Store Management System Project Book Store Management System 1.0
NA
CVE-2022-3452
A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument category_name leads to cross site scripting. The attack can be in...
Book Store Management System Project Book Store Management System 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »