Online Book Store Project In Php Security Vulnerabilities

CVE-2020-36064

Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if...

CVE-2021-43155

Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in...

CVE-2021-43156

In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any...

CVE-2020-19112

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_delete.php, which could let a remote malicious user execute arbitrary...

CVE-2020-19111

Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote mailicious user bypass authentication and obtain sensitive...

CVE-2020-19114

SQL Injection vulnerability in Online Book Store v1.0 via the publisher parameter to edit_book.php, which could let a remote malicious user execute arbitrary...

CVE-2020-19109

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary...

CVE-2020-19113

Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code...

CVE-2020-19108

SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary...

CVE-2020-19110

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary...

CVE-2020-19107

SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php, which could let a remote malicious user execute arbitrary...

CVE-2020-23763

SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass...