Online Book Store Project: Security Vulnerabilities
SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-02-24
SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
CVSS Score
9.8
EPSS Score
0.009
Published
2021-04-09
The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-02-17
In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-08-31