Lucene search
China National Vulnerability DatabaseCNVD-2024-15741HistoryMar 29, 2024 - 12:00 a.m.
Online Book System cart.php File SQL Injection Vulnerability
2024-03-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
online book system
sql injection
version 1.0
validation
cart.php
sensitive data
database
Online Book System is an online booking system. A SQL injection vulnerability exists in version 1.0 of the Online Book System due to a lack of validation of externally entered SQL statements in the quantity/remove parameter of the /cart.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| online book system online book system v | eq | 1.0 |
Related
cvelist
cvelist
CVE-2024-3003 code-projects Online Book System cart.php sql injection
2024-03-27 22:00:06
cve
cve
CVE-2024-3003
2024-03-27 22:15:11
nvd
nvd
CVE-2024-3003
2024-03-27 22:15:11