CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

RedhatCVE•added 2026/01/09 12:31 p.m.•1 views

CVE-2023-4847

A vulnerability classified as problematic has been found in SourceCodester Simple Book Catalog App 1.0. Affected is an unknown function of the component Update Book Form. The manipulation of the argument booktitle/bookauthor leads to cross site scripting. It is possible to launch the attack...

6.1CVSS6.1AI score0.00385EPSS

Exploits1References1

RedhatCVE•added 2025/11/18 1:2 a.m.•3 views

CVE-2025-13255

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /booksearch.php. Performing a manipulation of the argument bookpub/booktitle results in sql injection. It is possible to initiate the attack remotely...

8.8CVSS6.4AI score0.00011EPSS

Exploits1References1

EUVD•added 2025/11/17 3:30 a.m.•1 views

EUVD-2025-197737

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /booksearch.php. Performing manipulation of the argument bookpub/booktitle results in sql injection. It is possible to initiate the attack remotely...

6.5CVSS6.6AI score0.00011EPSS

Exploits1References7

Cvelist•added 2025/11/17 12:32 a.m.•6 views

CVE-2025-13255 projectworlds Advanced Library Management System book_search.php sql injection

6.5CVSS0.00011EPSS

Exploits1References6

Vulnrichment•added 2025/11/17 12:32 a.m.•2 views

CVE-2025-13255 projectworlds Advanced Library Management System book_search.php sql injection

6.5CVSS6.4AI score0.00011EPSS

Exploits1References6

CVE•added 2025/11/17 12:32 a.m.•4 views

CVE-2025-13255

CVE-2025-13255 affects Projectworlds Advanced Library Management System 1.0. The vulnerability is a SQL injection in the /book_search.php handler, triggered by manipulating the book_pub/book_title argument. The issue is exploitable remotely and an exploit has been released publicly. Affected comp...

8.8CVSS6.4AI score0.00011EPSS

Exploits1References6Affected Software1

CNNVD•added 2025/11/17 12:0 a.m.•1 views

Projectworlds Advanced Library Management System SQL注入漏洞

Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in Projectworlds Advanced Library Management System version 1.0, which stems from incorrect manipulation of the parameters bookpub/booktitle in...

8.8CVSS7AI score0.00011EPSS

Exploits1References7

Positive Technologies•added 2025/11/17 12:0 a.m.•3 views

PT-2025-47102

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /book search.php. Performing manipulation of the argument book pub/book title results in sql injection. It is possible to initiate the attack remotel...

6.5CVSS7.1AI score0.00011EPSS

Exploits1References7

CNNVD•added 2024/04/06 12:0 a.m.•1 views

Online Library System SQL注入漏洞

Online Library System is an open source online library system. A SQL injection vulnerability exists in SourceCodester Online Library System version 1.0, which originates from a SQL injection vulnerability in the BookPublisher/BookTitle parameter of the admin/borrowed/index.php file...

9.8CVSS7.9AI score0.00053EPSS

Exploits1References5

CNNVD•added 2023/11/30 12:0 a.m.•2 views

Book Borrower System Cross-Site Scripting Vulnerability

Book Borrower System is a book borrowing system by the individual developer Remy Andrade. A cross-site scripting vulnerability exists in Book Borrower System version 1.0, which stems from an incorrect manipulation of the Book Title/Book Author parameter that can lead to cross-site scripting...

5.4CVSS5.8AI score0.00134EPSS

Exploits1References3

Positive Technologies•added 2023/11/30 12:0 a.m.•3 views

PT-2023-32668 · Sourcecodester · Sourcecodester Book Borrower System

Name of the Vulnerable Software and Affected Versions: SourceCodester Book Borrower System version 1.0 Description: A vulnerability was found in the system, classified as problematic, affecting some unknown processing of the file "add-book.php". The manipulation of the argument Book Title or Book...

5.4CVSS4.3AI score0.00134EPSS

Exploits1References9

OSV•added 2023/09/09 8:15 a.m.•0 views

CVE-2023-4847

6.1CVSS3.8AI score0.00385EPSS

Exploits1References3

CNNVD•added 2023/09/09 12:0 a.m.•2 views

SourceCodester Simple Book Catalog App Cross-Site Scripting Vulnerability

Simple Book Catalog App is a simple book catalog application by the individual developer Remy Andrade. A cross-site scripting vulnerability exists in SourceCodester Simple Book Catalog App version 1.0, which stems from the presence of an unknown function in the component Update Book Form, leading...

6.1CVSS6.2AI score0.00385EPSS

Exploits1References5

Positive Technologies•added 2023/09/09 12:0 a.m.•2 views

PT-2023-8074 · Sourcecodester · Sourcecodester Simple Book Catalog App

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Book Catalog App version 1.0 Description: A vulnerability has been found in the Update Book Form component of the SourceCodester Simple Book Catalog App. The manipulation of the book title and book author arguments leads...

6.1CVSS4.2AI score0.00385EPSS

Exploits1References11

CNNVD•added 2023/08/28 12:0 a.m.•2 views

Badaso 跨站脚本漏洞

Badaso is Uasoft open source an open source Laravel Vue headless CMS. Badosa v2.9.7 version of the cross-site scripting vulnerability , the vulnerability stems from the application of the user-supplied data lack of effective filtering and escaping , an attacker can exploit the vulnerability throu...

5.4CVSS6.9AI score0.00441EPSS

Exploits1References3

OSV•added 2022/11/25 8:15 p.m.•2 views

CVE-2022-45225

Book Store Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in /bsmsci/index.php/book. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the booktitle parameter...

6.1CVSS5.9AI score

Exploits0References1

Positive Technologies•added 2022/11/25 12:0 a.m.•2 views

PT-2022-27445 · Unknown · Book Store Management System

Name of the Vulnerable Software and Affected Versions: Book Store Management System version 1.0 Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the book...

6.1CVSS6.1AI score0.00247EPSS

Exploits0References5

CNNVD•added 2022/11/25 12:0 a.m.•2 views

Book Store Management System 跨站脚本漏洞

Book Store Management System is an online bookstore system by Carlo Montero, an individual developer. A security vulnerability exists in Book Store Management System v1.0, which originates in the booktitle parameter of its /bsmsci/index.php/book component, allowing an attacker to execute arbitrar...

6.1CVSS6.6AI score0.00247EPSS

Exploits0References2

Positive Technologies•added 2022/09/11 12:0 a.m.•2 views

PT-2022-24074 · Unknown · Simple Online Book Store System

Name of the Vulnerable Software and Affected Versions: Simple Online Book Store System version 1.0 Description: The issue concerns Cross Site Scripting XSS in the /admin book.php file, where the Title, Author, and Description parameters are vulnerable. This allows for potential malicious script...

5.4CVSS5.2AI score0.00224EPSS

Exploits1References4