Vulnerabilities > Online Book Store Project Project

DATE CVE VULNERABILITY TITLE RISK
2023-09-28 CVE-2023-43739 SQL Injection vulnerability in Online Book Store Project Online Book Store Project 1.0
The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
online-book-store-project-project CWE-89
critical
9.8
2023-03-16 CVE-2023-27250 SQL Injection vulnerability in Online Book Store Project Online Book Store Project 1.0
Online Book Store Project v1.0 is vulnerable to SQL Injection via /bookstore/bookPerPub.php.
network
low complexity
online-book-store-project-project CWE-89
critical
9.8