RSS   Vulnerabilities for 'Online book store'   RSS

2021-04-09
 
CVE-2020-23763

CWE-89
 

 
SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication.

 
2021-02-17
 
CVE-2020-36003

CWE-89
 

 
The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.

 
2020-08-31
 
CVE-2020-24115

CWE-798
 

 
In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access.

 


Copyright 2024, cxsecurity.com

 

Back to Top