Lucene search
+L

34 matches found

Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-15537 SourceCodester Online Book Store System login.php sql injection

A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the...

7.5CVSS0.00263EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-15532 SourceCodester Online Book Store System User Management cross site scripting

A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...

4.8CVSS0.0021EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago8 views

CVE-2026-15532

A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...

4.8CVSS4.7AI score0.0021EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/15 12:47 a.m.11 views

CVE-2025-63891

Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents including schema and credential hashes via an unauthenticated HTTP GET request to /obs/database/obsdb.sql...

7.5CVSS6.7AI score0.00438EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.5 views

SourceCodester Simple Online Book Store System 安全漏洞

SourceCodester Simple Online Book Store System is a SourceCodester open source simple online bookstore system. A security vulnerability exists in SourceCodester Simple Online Book Store System, which originates from an unauthenticated HTTP GET request to access a database backup file, potentially...

7.5CVSS6.9AI score0.00438EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-35012

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00518EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-47937

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00544EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:2 a.m.12 views

CVE-2024-6951

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...

9.8CVSS7.4AI score0.00544EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:37 p.m.9 views

CVE-2022-2746

A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. This vulnerability affects unknown code of the file Admin add.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-206014 is the identifier assigne...

9.8CVSS7.2AI score0.00463EPSS
Exploits0References1
NVD
NVD
added 2024/07/21 11:15 a.m.25 views

CVE-2024-6951

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...

9.8CVSS0.00544EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/21 11:0 a.m.15 views

CVE-2024-6951 SourceCodester Simple Online Book Store System admin_delete.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...

6.5CVSS7.6AI score0.00544EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/07/21 11:0 a.m.36 views

CVE-2024-6951 SourceCodester Simple Online Book Store System admin_delete.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...

6.5CVSS0.00544EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/07/21 12:0 a.m.9 views

PT-2024-37990 · Sourcecodester · Sourcecodester Simple Online Book Store System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Book Store System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file admin delete.php. The manipulation of the bookisbn argument leads to SQL injection. It is...

9.8CVSS8.5AI score0.00544EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2024/03/01 10:15 p.m.5 views

CVE-2023-49540

Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter...

6.1CVSS6AI score0.00577EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2024/03/01 10:15 p.m.3 views

CVE-2023-49543

Incorrect access control in Book Store Management System v1 allows attackers to access unauthorized pages and execute administrative functions without authenticating...

9.8CVSS5.8AI score0.00963EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/03/01 12:0 a.m.4 views

Book Store Management System Security Vulnerability

Book Store Management System is an online bookstore system by Carlo Montero, an individual developer. A security vulnerability exists in Book Store Management System v1.0, which originates from a cross-site scripting vulnerability in the /bsmsci/index.php/history file...

6.1CVSS6.1AI score0.00577EPSS
Exploits1References5
OSV
OSV
added 2023/01/20 7:15 p.m.4 views

CVE-2023-23024

Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the writer parameter...

6.1CVSS6.5AI score0.00423EPSS
Exploits1References1
OSV
OSV
added 2022/12/02 3:15 p.m.4 views

CVE-2022-45215

A cross-site scripting XSS vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module...

5.4CVSS5.9AI score0.00377EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/25 12:0 a.m.4 views

PT-2022-27445 · Unknown · Book Store Management System

Name of the Vulnerable Software and Affected Versions: Book Store Management System version 1.0 Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the book...

6.1CVSS6.1AI score0.00484EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.3 views

Book Store Management System 安全漏洞

Book Store Management System is an online bookstore system by Carlo Montero, an individual developer. A security vulnerability exists in Book Store Management System version 1.0, which is a cross-site scripting vulnerability due to manipulation of the buyername parameter...

5.4CVSS5.3AI score0.00348EPSS
Exploits0References2
Rows per page
Query Builder