SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
9.8CVSS
10AI Score
0.002EPSS
In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access.
9.8CVSS
9.4AI Score
0.006EPSS
The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.
7.5CVSS
7.7AI Score
0.002EPSS
SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.
7.5CVSS
7.6AI Score
0.002EPSS
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file bookPerPub.php. The manipulation of the argument pubid leads to sql injection. The attack can be launched remotely. The exploit ha...
9.8CVSS
6.9AI Score
0.001EPSS
A vulnerability was found in itsourcecode Online Book Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin_delete.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be initiated remotely. The exploit has been discl...
9.8CVSS
7.4AI Score
0.001EPSS