Lucene search
+L
JanobeOnline Library System

7 matches found

CVE
CVE
added 2024/04/06 4:31 a.m.64 views

CVE-2024-3360

The CVE-2024-3360 entry concerns SourceCodester Online Library System 1.0. The vulnerability is in the admin/books/index.php file, where manipulating the id parameter enables SQL injection and can be exploited remotely. Multiple sources confirm the affected file and parameter, and describe the im...

9.8CVSS7.5AI score0.00943EPSS
Web
CVE
CVE
added 2024/04/06 9:31 a.m.59 views

CVE-2024-3365

CVE-2024-3365 affects SourceCodester Online Library System 1.0. The vulnerability lies in the admin/users/controller.php file, where manipulation of the user_name argument enables a cross-site scripting (XSS) flaw. The issue is exploitable remotely and public exploits have been disclosed. Several...

5.4CVSS3.7AI score0.0055EPSS
Web
CVE
CVE
added 2024/04/06 9:0 a.m.55 views

CVE-2024-3364

CVE-2024-3364 affects SourceCodester Online Library System 1.0. The vulnerability is a cross-site scripting issue in the file admin/books/index.php , caused by manipulation of the id parameter. Impact is an XSS exposure; attack can be initiated remotely and has been publicly disclosed. Connected ...

5.4CVSS3.9AI score0.0055EPSS
Web
CVE
CVE
added 2024/04/06 6:31 a.m.54 views

CVE-2024-3362

CVE-2024-3362 affects SourceCodester Online Library System 1.0. The vulnerability is a SQL injection in the IBSN parameter of admin/books/controller.php. The issue can be triggered remotely and exploits have been publicly disclosed. Connected sources confirm the vulnerable component and the root ...

8.8CVSS7.5AI score0.00829EPSS
Web
CVE
CVE
added 2024/04/06 8:31 a.m.52 views

CVE-2024-3363

SourceCodester Online Library System 1.0 contains a SQL injection vulnerability in admin/borrowed/index.php, triggered by manipulating the BookPublisher/BookTitle parameters. The issue affects an unknown part of that file and can be exploited remotely; the vulnerability has been publicly disclose...

9.8CVSS7.5AI score0.00851EPSS
Web
CVE
CVE
added 2024/04/06 4:0 a.m.51 views

CVE-2024-3359

CVE-2024-3359 affects SourceCodester Online Library System 1.0. The vulnerability is in the admin/login.php file where the user_email parameter is manipulated, causing a SQL injection due to unsanitized input. Documents indicate the attack is remotely executable and that an exploit has been discl...

9.8CVSS7.5AI score0.00963EPSS
Web
CVE
CVE
added 2024/04/06 5:31 a.m.48 views

CVE-2024-3361

SourceCodester Online Library System 1.0 contains a SQL injection vulnerability in the admin/books/deweydecimal.php file, exploitable via the category parameter. This CVE (CVE-2024-3361) allows remote attackers to manipulate the web app and potentially access/modify data; multiple sources confirm...

8.8CVSS7.5AI score0.00829EPSS
Web