Shodan
Vulnerabilities
Vulnerable Software
Projectworlds:  >> Online Book Store Project In Php  >> 1.0  Security Vulnerabilities
CVE-2021-43155
Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2021-12-22
CVE-2021-43156
In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-12-22
CVE-2020-19108
SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-05-06
CVE-2020-19109
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-05-06
CVE-2020-19110
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-05-06
CVE-2020-19111
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote mailicious user bypass authentication and obtain sensitive information.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-05-06
CVE-2020-19112
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_delete.php, which could let a remote malicious user execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-05-06
CVE-2020-19113
Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution.
CVSS Score
9.8
EPSS Score
0.026
Published
2021-05-06
CVE-2020-19114
SQL Injection vulnerability in Online Book Store v1.0 via the publisher parameter to edit_book.php, which could let a remote malicious user execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-05-06
CVE-2020-19107
SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php, which could let a remote malicious user execute arbitrary code.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-05-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved