Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3037
Cross-site scripting (XSS) vulnerability in Handy Address Book Server 1.1 allows remote malicious users to inject arbitrary web script or HTML via the SEARCHTEXT parameter in a demos URL.
Handy Address Book Handy Address Book Server 1.1
9.8
CVSSv3
CVE-2020-23763
SQL injection in admin.php in Online Book Store 1.0 allows remote malicious users to execute arbitrary SQL commands and bypass authentication.
Online Book Store Project Online Book Store 1.0
NA
CVE-2004-1867
Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest Book allows remote malicious users to inject arbitrary web script or HTML via the Name field.
Web Fresh Fresh Guest Book 2.0
Web Fresh Fresh Guest Book 1.0
Web Fresh Fresh Guest Book 2.1
1 EDB exploit
NA
CVE-2012-1670
admin/index.php in PHP Grade Book prior to 1.9.5 BETA allows remote malicious users to read the database via a SaveSQL action.
Phpgradebook Php Grade Book
Phpgradebook Php Grade Book 1.9.3
1 EDB exploit
NA
CVE-2005-0284
SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote malicious users to execute arbitrary SQL commands via the user-agent parameter.
Woltlab Burning Book 1.1.1e
Woltlab Burning Book 1.0 Gold
4.8
CVSSv3
CVE-2022-1644
The Call&Book Mobile Bar WordPress plugin up to and including 1.2.2 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Call&book Mobile Bar Project Call&book Mobile Bar
7.5
CVSSv3
CVE-2018-13491
The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
Carrot Cartoon Book Coin Project Carrot Cartoon Book Coin -
5.4
CVSSv3
CVE-2022-45215
A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module.
Book Store Management System Project Book Store Management System 1.0
5.4
CVSSv3
CVE-2022-45217
A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module.
Book Store Management System Project Book Store Management System 1.0.0
5.4
CVSSv3
CVE-2022-3452
A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument category_name leads to cross site scripting. The attack can be in...
Book Store Management System Project Book Store Management System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »