31 matches found
CVE-2025-11426
CVE-2025-11426 affects projectworlds Advanced Library Management System 1.0. The root cause is manipulation of the image argument in /edit_book.php, yielding unrestricted remote upload. Exploitation status: public exploit is available; multiple sources confirm remote attack possible and unrestric...
CVE-2025-11426 projectworlds Advanced Library Management System edit_book.php unrestricted upload
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...
PT-2025-41218
Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A security flaw exists in projectworlds Advanced Library Management System 1.0. The issue involves an unrestricted upload capability due to the manipulation of the image...
EUVD-2022-39411
Malicious code in bioql PyPI...
EUVD-2022-39360
Malicious code in bioql PyPI...
CVE-2020-19107
SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to editbook.php, which could let a remote malicious user execute arbitrary code...
CVE-2024-13029
A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack...
CVE-2024-13029 Antabot White-Jotter Edit Book book server-side request forgery
A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. It is possible to launch the attack...
PT-2024-17886 · Unknown · Antabot White-Jotter
Name of the Vulnerable Software and Affected Versions: Antabot White-Jotter versions up to 0.2.2 Description: A problematic issue was found in the Edit Book Handler component, affecting an unknown function of the file /admin/content/book. This leads to server-side request forgery, which can be...
Online Book Store SQL Injection Vulnerability
Online Book Store is an online bookstore by Arvin Arandilla, a personal developer. A SQL injection vulnerability exists in itsourcecode Online Book Store version 1.0, which stems from editbook.php containing an unknown function that causes SQL injection via the parameter image...
PT-2024-37311 · Unknown · Itsourcecode Online Bookstore
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Book Store versions up to 1.0 Description: A critical issue was found in the itsourcecode Online Book Store, where an unknown function of the file /edit book.php is affected. The manipulation of the image argument leads to...
CVE-2023-38969
Cross Site Scripting vulnerability in Badaso v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the title parameter in the new book and edit book function...
Cross site scripting
Cross Site Scripting vulnerability in Badaso v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the title parameter in the new book and edit book function...
CVE-2022-36657
Library Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /librarian/editbookdetails.php...
Cross site scripting
Library Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /librarian/editbookdetails.php...