Multiple SQL injection vulnerabilities in AV Book Library prior to 1.1 allow remote malicious users to execute arbitrary SQL commands via unspecified parameters to (1) admin/edit.php, (2) admin/add.php, (3) lib/book_search.php, and possibly other components.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
avbooklibrary avbooklibrary 1.0.1 |
||
avbooklibrary avbooklibrary 1.0.0 |
||
avbooklibrary avbooklibrary |