Vulnerabilities (CVE)

Filtered by vendor Online Book Store Project Subscribe
Filtered by product Online Book Store
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-34249 1 Online Book Store Project 1 Online Book Store 2024-11-21 N/A 7.5 HIGH
SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.
CVE-2020-36003 1 Online Book Store Project 1 Online Book Store 2024-11-21 5.0 MEDIUM 7.5 HIGH
The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.
CVE-2020-24115 1 Online Book Store Project 1 Online Book Store 2024-11-21 5.0 MEDIUM 9.8 CRITICAL
In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access.
CVE-2020-23763 1 Online Book Store Project 1 Online Book Store 2024-11-21 7.5 HIGH 9.8 CRITICAL
SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication.