Lucene search
+L

501 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:17 a.m.6 views

CVE-2023-23024

Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the writer parameter...

6.1CVSS6AI score0.00423EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:19 a.m.9 views

CVE-2022-3452

A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument categoryname leads to cross site scripting. The attack can be initiated remotely...

5.4CVSS6.4AI score0.00389EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:59 a.m.6 views

CVE-2022-2770

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System. Affected is an unknown function of the file /obs/book.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to launch the attack remotely. VDB-206166 is...

9.8CVSS7.5AI score0.00518EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:18 a.m.15 views

CVE-2022-45613

Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the publisher parameter...

5.4CVSS6AI score0.00459EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:16 a.m.6 views

CVE-2022-45215

A cross-site scripting XSS vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module...

5.4CVSS5.8AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:16 a.m.4 views

CVE-2022-45225

Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the booktitle parameter...

6.1CVSS6.1AI score0.00484EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:5 p.m.6 views

CVE-2022-3453

A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /transcation.php. The manipulation of the argument buyername leads to cross site scripting. The attack may be initiated remotely...

5.4CVSS6.3AI score0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:45 p.m.8 views

CVE-2022-45217

A cross-site scripting XSS vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module...

5.4CVSS5.8AI score0.00548EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:37 p.m.9 views

CVE-2022-2748

A vulnerability was found in SourceCodester Simple Online Book Store System. It has been classified as problematic. Affected is an unknown function of the file /admin/edit.php. The manipulation of the argument eid leads to cross site scripting. It is possible to launch the attack remotely. The...

6.1CVSS6.4AI score0.00384EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:37 p.m.8 views

CVE-2022-2747

A vulnerability was found in SourceCodester Simple Online Book Store and classified as critical. This issue affects some unknown processing of the file book.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be initiated remotely. The associated identifier of th...

9.8CVSS7.5AI score0.00518EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:37 p.m.8 views

CVE-2022-2746

A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. This vulnerability affects unknown code of the file Admin add.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-206014 is the identifier assigne...

9.8CVSS7.2AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:50 p.m.7 views

CVE-2021-43156

In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admindelete.php allows a remote attacker to delete any book...

6.5CVSS7.1AI score0.00527EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:36 p.m.8 views

CVE-2020-36003

The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases...

7.5CVSS7.5AI score0.01494EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:4 p.m.7 views

CVE-2020-19111

Incorrect Access Control vulnerability in Online Book Store v1.0 via adminverify.php, which could let a remote mailicious user bypass authentication and obtain sensitive information...

9.8CVSS7.2AI score0.01892EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:3 p.m.13 views

CVE-2020-19108

SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code...

9.8CVSS8.5AI score0.01944EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:3 p.m.7 views

CVE-2020-19107

SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to editbook.php, which could let a remote malicious user execute arbitrary code...

9.8CVSS8.5AI score0.01944EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 4:2 p.m.8 views

CVE-2020-19110

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary code...

9.8CVSS8.5AI score0.01556EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:56 p.m.11 views

CVE-2020-19109

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to adminedit.php, which could let a remote malicious user execute arbitrary code...

9.8CVSS8.5AI score0.01944EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:54 p.m.5 views

CVE-2020-19112

SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admindelete.php, which could let a remote malicious user execute arbitrary code...

9.8CVSS8.6AI score0.01944EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:53 p.m.6 views

CVE-2020-19114

SQL Injection vulnerability in Online Book Store v1.0 via the publisher parameter to editbook.php, which could let a remote malicious user execute arbitrary code...

9.8CVSS8.5AI score0.01944EPSS
Exploits1
Rows per page
Query Builder