3 matches found
CVE-2024-3000
A vulnerability classified as critical was found in code-projects Online Book System 1.0. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument username/password/loginusername/loginpassword leads to sql injection. The attack can be initiated remotely. Th...
CVE-2024-3003
CVE-2024-3003 affects code-projects Online Book System 1.0, where the /cart.php endpoint’s quantity/remove parameter is vulnerable to SQL injection due to lack of input validation. This can be exploited remotely and has been publicly disclosed, with VDB-258205 assigned. Multiple sources corrobora...
CVE-2024-3002
CVE-2024-3002 affects code-projects Online Book System 1.0. The vulnerability is in /description.php where the ID parameter is not validated, allowing remote SQL injection. Exploitation is possible remotely, and multiple sources note public disclosure. Documented impact is data theft/alteration r...