Vulnerabilities > Online Book Store Project > High

DATE CVE VULNERABILITY TITLE RISK
2023-02-24 CVE-2021-34249 SQL Injection vulnerability in Online Book Store Project Online Book Store 1.0
SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.
network
low complexity
online-book-store-project CWE-89
7.5
7.5
2021-02-17 CVE-2020-36003 SQL Injection vulnerability in Online Book Store Project Online Book Store 1.0
The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.
network
low complexity
online-book-store-project CWE-89
7.5
7.5