Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1596
Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4 component for Mambo and Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) components/com_nfn_addressbook...
Mambo Nfn Address Book 0.4
Joomla Nfn Address Book 0.4
1 EDB exploit
9.8
CVSSv3
CVE-2022-44097
Book Store Management System v1.0 exists to contain hardcoded credentials which allows malicious users to escalate privileges and access the admin panel.
Book Store Management System Project Book Store Management System 1.0
7.5
CVSSv3
CVE-2022-4228
A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsms_ci/index.php/user/edit_user/. The manipulation of the argument password leads to information disclosure. It is possible to i...
Book Store Management System Project Book Store Management System 1.0
9.8
CVSSv3
CVE-2022-4229
A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0. This vulnerability affects unknown code of the file /bsms_ci/index.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has b...
Book Store Management System Project Book Store Management System 1.0
NA
CVE-2005-4177
Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book Personal and Professional 2.0 allows remote malicious users to inject arbitrary web script or HTML via the StartRow parameter.
Cfmagic Magic Book Personal 2.0
Cfmagic Magic Book Professional 2.0
1 EDB exploit
6.1
CVSSv3
CVE-2023-23024
Book Store Management System v1.0 exists to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/book. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the writer parameter.
Book Store Management System Project Book Store Management System 1.0
6.1
CVSSv3
CVE-2023-4847
A vulnerability classified as problematic has been found in SourceCodester Simple Book Catalog App 1.0. Affected is an unknown function of the component Update Book Form. The manipulation of the argument book_title/book_author leads to cross site scripting. It is possible to laun...
Simple Book Catalog App Project Simple Book Catalog App 1.0
9.8
CVSSv3
CVE-2023-4848
A vulnerability classified as critical was found in SourceCodester Simple Book Catalog App 1.0. Affected by this vulnerability is an unknown functionality of the file delete_book.php. The manipulation of the argument delete leads to sql injection. The attack can be launched remot...
Simple Book Catalog App Project Simple Book Catalog App 1.0
9.8
CVSSv3
CVE-2023-27250
Online Book Store Project v1.0 is vulnerable to SQL Injection via /bookstore/bookPerPub.php.
Online Book Store Project Project Online Book Store Project 1.0
NA
CVE-2009-2608
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2...
Chatelao Php Address Book 4.0.1
Chatelao Php Address Book 4.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »