Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
online book store project online book store 1.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-43739
The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database.
Online Book Store Project Project Online Book Store Project 1.0
9.8
CVSSv3
CVE-2023-27250
Online Book Store Project v1.0 is vulnerable to SQL Injection via /bookstore/bookPerPub.php.
Online Book Store Project Project Online Book Store Project 1.0
9.8
CVSSv3
CVE-2021-43155
Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php.
Projectworlds Online Book Store Project In Php 1.0
9.8
CVSSv3
CVE-2020-19107
SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
9.8
CVSSv3
CVE-2020-19113
Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution.
Projectworlds Online Book Store Project In Php 1.0
9.8
CVSSv3
CVE-2020-19108
SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
9.8
CVSSv3
CVE-2020-19109
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
9.8
CVSSv3
CVE-2020-19110
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
9.8
CVSSv3
CVE-2020-19111
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote mailicious user bypass authentication and obtain sensitive information.
Projectworlds Online Book Store Project In Php 1.0
9.8
CVSSv3
CVE-2020-19112
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_delete.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »