Lucene search
China National Vulnerability DatabaseCNVD-2024-15742HistoryMar 29, 2024 - 12:00 a.m.
Online Book System index.php File SQL Injection Vulnerability
2024-03-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
online book system
sql injection
version 1.0
validation
externally entered
username
password
login
attacker
database data
security
Online Book System is an online booking system. A SQL injection vulnerability exists in version 1.0 of Online Book System, which originates from a lack of validation of externally entered SQL statements in the username/password/login_username/login_password parameters of the /index.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| online book system online book system v | eq | 1.0 |
Related
cve
cve
CVE-2024-3000
2024-03-27 22:15:10
cvelist
cvelist
CVE-2024-3000 code-projects Online Book System index.php sql injection
2024-03-27 21:31:04
githubexploit
githubexploit
Exploit for CVE-2024-3000
2024-04-10 23:34:10
nvd
nvd
CVE-2024-3000
2024-03-27 22:15:10