Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-23024
Book Store Management System v1.0 exists to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the writer parameter.
Book Store Management System Project Book Store Management System 1.0
6.8
CVSSv2
CVE-2009-2608
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2...
Chatelao Php Address Book 4.0.1
Chatelao Php Address Book 4.0.2
1 EDB exploit
NA
CVE-2022-45613
Book Store Management System v1.0 exists to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the publisher parameter.
Book Store Management System Project Book Store Management System 1.0
NA
CVE-2022-2748
A vulnerability was found in SourceCodester Simple Online Book Store System. It has been classified as problematic. Affected is an unknown function of the file /admin/edit.php. The manipulation of the argument eid leads to cross site scripting. It is possible to launch the attack...
Simple Online Book Store System Project Simple Online Book Store System -
7.5
CVSSv2
CVE-2006-6763
Multiple PHP remote file inclusion vulnerabilities in the Keep It Simple Guest Book (KISGB) allow remote malicious users to execute arbitrary PHP code via a URL in the (1) path_to_themes parameter in (a) authenticate.php, and the (2) default_path_for_themes parameter in (b) admin...
Keep It Simple Guest Book Keep It Simple Guest Book 5.0
1 EDB exploit
NA
CVE-2022-2746
A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. This vulnerability affects unknown code of the file Admin_ add.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-206014 is the ...
Simple Online Book Store System Project Simple Online Book Store System -
NA
CVE-2022-2747
A vulnerability was found in SourceCodester Simple Online Book Store and classified as critical. This issue affects some unknown processing of the file book.php. The manipulation of the argument book_isbn leads to sql injection. The attack may be initiated remotely. The associate...
Simple Online Book Store System Project Simple Online Book Store System -
NA
CVE-2022-2770
A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System. Affected is an unknown function of the file /obs/book.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to launch the attack remotel...
Simple Online Book Store System Project Simple Online Book Store System -
NA
CVE-2022-2771
A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. Affected by this vulnerability is an unknown functionality of the file /obs/bookPerPub.php. The manipulation of the argument bookisbn leads to sql injection. The attack ca...
Simple Online Book Store System Project Simple Online Book Store System -
6.4
CVSSv2
CVE-2007-1122
Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ZephyrSoft Toolbox Address Book Continued (ABC) 1.00 and 1.01 allow remote malicious users to execute arbitrary SQL commands via the id parameter to the (1) updateRow and (2) deleteRow functions in functions.php, a ...
Zephyrsoft Toolbox Address Book Continued 1.00
Zephyrsoft Toolbox Address Book Continued 1.01
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »