3 matches found
CVE-2023-43739
The CVE-2023-43739 entry concerns the Online Book Store Project (v1.0) by Projectworlds. The vulnerability is due to the bookisbn parameter of cart.php not validating input, sending characters unfiltered to the database, which implies an unauthenticated SQL injection risk. Connected sources reite...
CVE-2023-43739 Online Book Store Project v1.0 - Unauthenticated SQL Injection (SQLi)
The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-43739 Online Book Store Project v1.0 - Unauthenticated SQL Injection (SQLi)
The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database...