Online Book Store Project
Monthly
A vulnerability was found in itsourcecode Online Bookstore 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php component. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in itsourcecode Online Bookstore 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in itsourcecode Online Bookstore 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Online Book Store Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'image' parameter of admin_edit.php page, allowing an authenticated attacker to obtain Remote Code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Online Book Store Project v1.0 is vulnerable to SQL Injection via /bookstore/bookPerPub.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in itsourcecode Online Bookstore 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php component. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in itsourcecode Online Bookstore 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in itsourcecode Online Bookstore 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Online Book Store Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'image' parameter of admin_edit.php page, allowing an authenticated attacker to obtain Remote Code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Online Book Store Project v1.0 is vulnerable to SQL Injection via /bookstore/bookPerPub.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.