CVE-2024-3004 code-projects Online Book System Product.php cross site scripting

A vulnerability was found in code-projects Online Book System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Product.php. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. The exploit ha...

CVE-2024-3000

A vulnerability classified as critical was found in code-projects Online Book System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument username/password/loginusername/loginpassword leads to sql injection. The attack can be initiated remotely. Th...

CVE-2024-3003

CVE-2024-3003 affects code-projects Online Book System 1.0, where the /cart.php endpoint’s quantity/remove parameter is vulnerable to SQL injection due to lack of input validation. This can be exploited remotely and has been publicly disclosed, with VDB-258205 assigned. Multiple sources corrobora...

CVE-2024-3002

CVE-2024-3002 affects code-projects Online Book System 1.0. The vulnerability is in /description.php where the ID parameter is not validated, allowing remote SQL injection. Exploitation is possible remotely, and multiple sources note public disclosure. Documented impact is data theft/alteration r...

CVE-2024-3001

CVE-2024-3001 affects code-projects Online Book System 1.0. The vulnerability resides in the handling of a value passed to /Product.php, where input manipulation enables SQL injection. It can be exploited remotely without authentication and requires no user interaction. Public exploit information...

CVE-2024-3001 code-projects Online Book System Product.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Online Book System 1.0. This issue affects some unknown processing of the file /Product.php. The manipulation of the argument value leads to sql injection. The attack may be initiated remotely. The exploit has been...