Online Book Store Project v1.0 is vulnerable to SQL Injection via /bookstore/bookPerPub.php.
9.8CVSS
9.8AI Score
0.002EPSS
The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database.
9.8CVSS
9.3AI Score
0.001EPSS