50 matches found
CVE-2025-63891
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents including schema and credential hashes via an unauthenticated HTTP GET request to /obs/database/obsdb.sql...
EUVD-2024-47101
Malicious code in bioql PyPI...
EUVD-2024-47100
Malicious code in bioql PyPI...
EUVD-2022-34989
Malicious code in bioql PyPI...
EUVD-2024-49681
Malicious code in bioql PyPI...
CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...
CVE-2024-5984
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file book.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be launched remotely. The exploit has been...
Code-Projects Online Book Shop 注入漏洞
Code-Projects Online Book Shop is a Code-Projects open source online bookstore. An injection vulnerability exists in Code-Projects Online Book Shop version 1.0, which stems from an SQL injection vulnerability in the cat parameter of the /subcat.php page...
CVE-2024-9036
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file adminadd.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...
CVE-2024-9036
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file adminadd.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...
CVE-2024-9036
CVE-2024-9036 affects itsourcecode Online Bookstore 1.0. The issue is a vulnerability in admin_add.php, where manipulation of the image parameter allows unrestricted file upload. This could enable remote exploitation; multiple sources note the exploit has been disclosed publicly. No remediation d...
CVE-2024-9036 itsourcecode Online Bookstore admin_add.php unrestricted upload
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file adminadd.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...
CVE-2024-9036 itsourcecode Online Bookstore admin_add.php unrestricted upload
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file adminadd.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...
itsourcecode Online Bookstore 代码问题漏洞
itsourcecode Online Bookstore is an online bookstore of itsourcecode open source. A code issue vulnerability exists in version 1.0 of itsourcecode Online Bookstore due to an unrestricted file upload in the parameter image...
CVE-2024-6951
A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admindelete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to initiate the attack remotely. The explo...
CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...
CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...
CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admindelete.php component...
PT-2024-27782 · Unknown · Online-Bookstore-Project-In-Php
Name of the Vulnerable Software and Affected Versions: Online-Bookstore-Project-In-PHP version 1.0 Description: The issue allows a local attacker to execute arbitrary code via the admin delete.php component. This is due to a SQL Injection vulnerability. Recommendations: For...
CVE-2024-37848
CVE-2024-37848 corresponds to a SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 that allows a local attacker to execute arbitrary code via admin_delete.php. Affected component is admin_delete.php; root cause is SQL injection leading to full impact (confidentiality, integrity, ...