5 matches found
CVE-2024-24096
Code-projects Computer Book Store 1.0 is affected by an SQL Injection vulnerability exposed through BookSBIN. The CVE entry notes a Local attacker with Low privileges can exploit this, with no user interaction required, and impacts confidentiality, integrity, and availability (base score 7.8, HIG...
CVE-2024-24100
CVE-2024-24100 affects Code-projects Computer Book Store 1.0. The issue is a SQL Injection via the PublisherID parameter in the application, constituting an input handling flaw that can lead to unauthorized data exposure or modification. The CVSS 3.1 metrics given indicate a high-severity, networ...
CVE-2024-28279
CVE-2024-28279 affects Code-projects Computer Book Store 1.0. The vulnerability is an SQL Injection exploitable via the endpoint book.php?bookisbn=, enabling remote manipulation. Several connected sources confirm the issue and indicate high risk (CVSS v3.1: 7.3, HIGH). Remediation/immediate actio...
CVE-2025-14647
CVE-2025-14647 affects Code-Projects Computer Book Store 1.0. The vulnerability is an SQL injection in the file /admin_delete.php, caused by manipulating the bookisbn parameter in an unknown function. The issue can be exploited remotely and is documented as having public exploits. Various sources...
CVE-2025-69559
The CVE-2025-69559 entry concerns code-projects Computer Book Store 1.0, with a File Upload vulnerability in admin_add.php. Multiple connected sources corroborate this issue, including Red Hat, NVD, CVE List, and others. The available data identify the affected software/component as the admin_add...