19 matches found
CVE-2025-14647
A weakness has been identified in code-projects Computer Book Store 1.0. Affected is an unknown function of the file /admin_delete.php. This manipulation of the argument bookisbn causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public...
CVE-2025-14647 code-projects Computer Book Store admin_delete.php sql injection
A weakness has been identified in code-projects Computer Book Store 1.0. Affected is an unknown function of the file /admin_delete.php. This manipulation of the argument bookisbn causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public...
Code-Projects Computer Book Store SQL injection vulnerability
Code-Projects Computer Book Store is an open source computer book store by Code-Projects. Code-Projects Computer Book Store version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter bookisbn in the file /admin_delete.php, which could lead to a S...
CVE-2025-63891
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents including schema and credential hashes via an unauthenticated HTTP GET request to /obs/database/obsdb.sql...
CVE-2023-49543
Incorrect access control in Book Store Management System v1 allows attackers to access unauthorized pages and execute administrative functions without authenticating...
PT-2023-18823 · Unknown · Book Store Management System
Name of the Vulnerable Software and Affected Versions: Book Store Management System version 1.0 Description: A cross-site scripting (XSS) issue was found in the /bsms ci/index.php/book endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the writ...
PT-2022-26572 · Sourcecodester · Sourcecodester Human Resource Management System +1
Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 SourceCodester Book Store Management System version 1.0 Description: A critical issue affects the processing of the file /hrm/employeeadd.php, where the manipulation of the empid...
CVE-2022-45215
A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module...
CVE-2022-44097
Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel...
CVE-2022-44097
CVE-2022-44097 affects Book Store Management System v1.0. The vulnerability arises from hardcoded credentials in the system, enabling attackers to escalate privileges and gain access to the admin panel. This is supported by multiple connected sources (RH Red Hat, NVD, CNNVD and others) describing...
CVE-2022-3452
A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument categoryname leads to cross site scripting. The attack can be initiated remotely...
CVE-2022-3452 SourceCodester Book Store Management System category.php cross site scripting
A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument categoryname leads to cross site scripting. The attack can be initiated remotely...
CVE-2022-2771 SourceCodester Simple Online Book Store System bookPerPub.php sql injection
A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. Affected by this vulnerability is an unknown functionality of the file /obs/bookPerPub.php. The manipulation of the argument bookisbn leads to sql injection. The attack can be launched...
CVE-2022-2770
CVE-2022-2770 affects SourceCodester Simple Online Book Store System. Affected component: the file /obs/book.php. The vulnerability stems from manipulation of the bookisbn parameter, enabling SQL injection and allowing remote attack access. The CVE is labeled CRITICAL in some sources, with an att...
Projectworlds Online Book Store Project In Php SQL injection vulnerability
Projectworlds Online Shopping System is an online shopping system from the Austrian company Projectsworlds. A SQL injection vulnerability exists in Projectsworlds Online Book Store PHP, which stems from the fact that Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the...
CVE-2020-19110
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php, which could let a remote malicious user execute arbitrary code...
PHPGurukul Online Book Store SQL injection vulnerability
PHPGurukul Online Book Store is a PHP-based online bookstore website system. A SQL injection vulnerability exists in Online Book Store v1.0. The vulnerability can be exploited to execute arbitrary code via the bookisbn parameter of adminedit.php...
FS Book Store Script - category SQL Injection
Exploit Title: FS Book Store Script - SQL Injection Date: 2017-10-23 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/book-store-script/ Version: 23 October 17 Tested on: Kali Linux...
book.store.co.id XSS vulnerability
Open Bug Bounty ID: OBB-52051 Description| Value ---|--- Affected Website:| book.store.co.id Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...