Vulnerabilities > Online Book Store Project

DATE CVE VULNERABILITY TITLE RISK
2023-02-24 CVE-2021-34249 SQL Injection vulnerability in Online Book Store Project Online Book Store 1.0
SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.
network
low complexity
online-book-store-project CWE-89
7.5
2021-04-09 CVE-2020-23763 SQL Injection vulnerability in Online Book Store Project Online Book Store 1.0
SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
network
low complexity
online-book-store-project CWE-89
critical
9.8
2021-02-17 CVE-2020-36003 SQL Injection vulnerability in Online Book Store Project Online Book Store 1.0
The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.
network
low complexity
online-book-store-project CWE-89
7.5
2020-08-31 CVE-2020-24115 Use of Hard-coded Credentials vulnerability in Online Book Store Project Online Book Store 1.0
In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access.
network
low complexity
online-book-store-project CWE-798
critical
9.8