Lucene search
K

50 matches found

OSV
OSV
added 2025/11/14 9:15 p.m.4 views

CVE-2025-63891

Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents including schema and credential hashes via an unauthenticated HTTP GET request to /obs/database/obsdb.sql...

7.5CVSS5.9AI score0.00401EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47101

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00787EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-47100

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00635EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-34989

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00518EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-49681

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00507EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.4 views

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...

8.4CVSS8.5AI score0.00238EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:20 a.m.12 views

CVE-2024-5984

A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file book.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be launched remotely. The exploit has been...

9.8CVSS7.4AI score0.00787EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.4 views

Code-Projects Online Book Shop 注入漏洞

Code-Projects Online Book Shop is a Code-Projects open source online bookstore. An injection vulnerability exists in Code-Projects Online Book Shop version 1.0, which stems from an SQL injection vulnerability in the cat parameter of the /subcat.php page...

8.8CVSS7AI score0.00525EPSS
Exploits1References6
NVD
NVD
added 2024/09/20 4:15 p.m.17 views

CVE-2024-9036

A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file adminadd.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00507EPSS
Exploits1References5
OSV
OSV
added 2024/09/20 4:15 p.m.2 views

CVE-2024-9036

A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file adminadd.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

5.3CVSS6.3AI score0.00507EPSS
Exploits1References5
CVE
CVE
added 2024/09/20 3:31 p.m.53 views

CVE-2024-9036

CVE-2024-9036 affects itsourcecode Online Bookstore 1.0. The issue is a vulnerability in admin_add.php, where manipulation of the image parameter allows unrestricted file upload. This could enable remote exploitation; multiple sources note the exploit has been disclosed publicly. No remediation d...

6.5CVSS6.4AI score0.00507EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2024/09/20 3:31 p.m.15 views

CVE-2024-9036 itsourcecode Online Bookstore admin_add.php unrestricted upload

A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file adminadd.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00507EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/09/20 3:31 p.m.14 views

CVE-2024-9036 itsourcecode Online Bookstore admin_add.php unrestricted upload

A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file adminadd.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS6.9AI score0.00507EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/09/20 12:0 a.m.5 views

itsourcecode Online Bookstore 代码问题漏洞

itsourcecode Online Bookstore is an online bookstore of itsourcecode open source. A code issue vulnerability exists in version 1.0 of itsourcecode Online Bookstore due to an unrestricted file upload in the parameter image...

6.5CVSS6.7AI score0.00507EPSS
Exploits1References7
OSV
OSV
added 2024/07/21 11:15 a.m.6 views

CVE-2024-6951

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...

9.8CVSS6.4AI score0.00544EPSS
Exploits1References4
OSV
OSV
added 2024/06/17 2:15 p.m.4 views

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...

8.4CVSS6.1AI score0.00238EPSS
Exploits1References1
NVD
NVD
added 2024/06/17 2:15 p.m.21 views

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...

8.4CVSS0.00238EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/06/17 12:0 a.m.13 views

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...

8.4AI score0.00238EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/06/17 12:0 a.m.5 views

PT-2024-27782 · Unknown · Online-Bookstore-Project-In-Php

Name of the Vulnerable Software and Affected Versions: Online-Bookstore-Project-In-PHP version 1.0 Description: The issue allows a local attacker to execute arbitrary code via the admin delete.php component. This is due to a SQL Injection vulnerability. Recommendations: For...

8.4CVSS8.8AI score0.00238EPSS
Exploits1References2
CVE
CVE
added 2024/06/17 12:0 a.m.48 views

CVE-2024-37848

CVE-2024-37848 corresponds to a SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 that allows a local attacker to execute arbitrary code via admin_delete.php. Affected component is admin_delete.php; root cause is SQL injection leading to full impact (confidentiality, integrity, ...

8.4CVSS8.5AI score0.00238EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder