Lucene search
K
Library Management System ProjectLibrary Management System

34 matches found

CVE
CVE
added 2022/08/18 7:54 p.m.82 views

CVE-2022-36728

CVE-2022-36728 affects Library Management System v1.0. The vulnerability is a SQL injection in the RollNo parameter of /staff/delstu.php. Root cause: improper handling of input leading to SQL injection. Impact is aligned with high/critical severity in the supplied metrics. Affected product/versio...

9.8CVSS9.7AI score0.00921EPSS
Web
CVE
CVE
added 2022/08/18 7:54 p.m.79 views

CVE-2022-36725

CVE-2022-36725 affects Library Management System v1.0, where a SQL injection vulnerability exists in the M_Id parameter of the /student/dele.php endpoint. The NVD entry reports a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack vector, no user interaction, and high impact on confidentia...

9.8CVSS9.7AI score0.00908EPSS
Web
CVE
CVE
added 2022/08/18 7:54 p.m.72 views

CVE-2022-36729

CVE-2022-36729 affects Library Management System v1.0, where a SQL injection is exposed via the M_Id parameter in /librarian/del.php. The vulnerability stems from unsafely handling the M_Id input, enabling attacker-controlled SQL execution. The CVSS 3.1 data in the initial record indicates a crit...

9.8CVSS9.7AI score0.00821EPSS
Web
CVE
CVE
added 2022/06/27 6:45 a.m.71 views

CVE-2022-2214

Overview: CVE-2022-2214 affects the SourceCodester Library Management System 1.0. Vulnerability: SQL injection in the /librarian/bookdetails.php endpoint via the id parameter (e.g., ' AND (SELECT 9198 FROM (SELECT(SLEEP(5)))iqZA)-- PbtB ), allowing remote attacker input to alter SQL logic. Impact...

8.8CVSS7.7AI score0.01045EPSS
Web
CVE
CVE
added 2022/08/25 9:55 p.m.68 views

CVE-2022-36719

The CVE-2022-36719 entry concerns Library Management System v1.0 with a SQL injection in the ok parameter of /admin/history.php. The user-facing impact is high (CVE metrics show CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and the vulnerability could allow remote exploitation without user inter...

9.8CVSS9.7AI score0.00873EPSS
Web
CVE
CVE
added 2022/08/29 11:9 p.m.67 views

CVE-2022-36709

CVE-2022-36709 affects Library Management System v1.0. A SQL injection vulnerability exists in the id parameter of /staff/edit_book_details.php. The NVD entry lists CVSS 3.1 base score 9.8 (CRITICAL) with network exposure, no privileges required, and no user interaction, impacting confidentiality...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2020/12/23 5:54 p.m.64 views

CVE-2020-28073

CVE-2020-28073 affects SourceCodester Library Management System 1.0. The vulnerability is a SQL injection in the login/authentication flow that allows an attacker to bypass authentication and impersonate any user. The attack is demonstrated in public references (e.g., PacketStorm) with a repro sh...

9.8CVSS9.9AI score0.02773EPSS
CVE
CVE
added 2022/08/29 11:9 p.m.64 views

CVE-2022-36711

CVE-2022-36711 affects Library Management System v1.0, where a SQL injection vulnerability exists via the id parameter on the /staff/bookdetails.php endpoint. The root cause is unsanitized input leading to potential unauthorized data access or manipulation, with the CVSS 3.1 base metrics indicati...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/08/25 9:55 p.m.64 views

CVE-2022-36715

CVE-2022-36715 affects Library Management System v1.0, with a SQL injection vulnerability exposed through the name parameter in /admin/search.php. The issue, as described in the CVE records and corroborating sources, indicates that unsanitized input allows attacker-controlled SQL execution, posin...

9.8CVSS9.7AI score0.00802EPSS
Web
CVE
CVE
added 2022/07/20 11:35 a.m.62 views

CVE-2022-2491

CVE-2022-2491 affects SourceCodester Library Management System 1.0 (lab.php). A SQL injection is triggered by manipulating the Section argument with the input 1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71716b7171,0x546e4444736b7743575a666d4873746a6450616261527a6762794442694650724566414...

8.8CVSS7.8AI score0.00625EPSS
CVE
CVE
added 2022/07/20 11:35 a.m.62 views

CVE-2022-2492

The connected documents confirm a SQL injection vulnerability in SourceCodester Library Management System 1.0, specifically via the RollNo parameter in /index.php. The input (e.g., admin' AND (SELECT 2625 FROM (SELECT(SLEEP(5)))MdIL) AND 'KXmq'='KXmq) can be injected to manipulate the query, enab...

8.8CVSS7.8AI score0.00625EPSS
CVE
CVE
added 2022/08/30 8:43 p.m.61 views

CVE-2022-36730

CVE-2022-36730 affects Library Management System v1.0, with a SQL injection vulnerability in the /librarian/delete.php endpoint exposed via the bookId parameter. The root cause is unsanitized input leading to SQL injection, enabling an attacker to potentially read/modify data or impact availabili...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/06/27 6:45 a.m.60 views

CVE-2022-2212

CVE-2022-2212 affects SourceCodester Library Management System 1.0, specifically the /card/index.php component. The vulnerability arises from lack of validation of the image parameter during file upload, enabling unrestricted file uploads. This could allow remote attackers to upload malicious fil...

8.8CVSS7.5AI score0.00934EPSS
Web
CVE
CVE
added 2022/08/30 8:57 p.m.60 views

CVE-2022-36657

CVE-2022-36657 affects Library Management System v1.0. The vulnerability is a cross-site scripting (XSS) flaw in the component /librarian/edit_book_details.php. Root cause details are not fully specified in the provided documents. Potential impact is XSS in the user context; no exploitation detai...

4.8CVSS5AI score0.00479EPSS
CVE
CVE
added 2022/08/29 11:9 p.m.60 views

CVE-2022-36712

CVE-2022-36712 pertains to Library Management System v1.0, where the vulnerability is a SQL injection via the id parameter in the endpoint /staff/studentdetails.php. The connected documents consistently describe the issue as an input-injection flaw that could affect data confidentiality, integrit...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/08/25 9:55 p.m.60 views

CVE-2022-36716

CVE-2022-36716 affects Library Management System v1.0, with a disclosed SQL injection in the id parameter of /admin/changestock.php. The root cause is unsanitized input leading to query manipulation. The CVSS 3.1 vector indicates critical severity (CRITICAL, AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). ...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/06/27 6:45 a.m.58 views

CVE-2022-2213

The CVE-2022-2213 entry concerns SourceCodester Library Management System 1.0. Affects the admin/edit_admin_details.php?id=admin function, where manipulating the Name parameter enables cross-site scripting (XSS). The vulnerability is exploitable remotely and the exploit has been published publicl...

5.4CVSS4.4AI score0.00533EPSS
Web
CVE
CVE
added 2022/08/18 7:54 p.m.58 views

CVE-2022-36722

CVE-2022-36722 affects Library Management System v1.0, where a SQL injection can be triggered via the title parameter in /librarian/history.php. Root cause: improper handling of the title input allowing SQL manipulation, leading to potential unauthorized data access and tampering. Impact (per CVS...

9.8CVSS9.7AI score0.00908EPSS
Web
CVE
CVE
added 2022/09/11 11:26 p.m.58 views

CVE-2022-37794

CVE-2022-37794 affects Library Management System 1.0. The /card/in-card.php endpoint with the id_no parameter is vulnerable to SQL injection due to unsafeguarded input handling, enabling potential impact to confidentiality, integrity, and availability (per NVD: CVSS 3.1 base score 9.8). No remedi...

9.8CVSS9.7AI score0.00859EPSS
Web
CVE
CVE
added 2022/08/25 9:55 p.m.57 views

CVE-2022-36721

CVE-2022-36721 affects Library Management System v1.0. It is a SQL injection vulnerability in the Textbook parameter handled at /admin/modify.php. The CVSS‑3.1 base score is 8.8 (HIGH) with Network attack vector, Low attack complexity, Privileges Required: LOW, and impacts to Confidentiality, Int...

8.8CVSS8.9AI score0.00866EPSS
Web
CVE
CVE
added 2022/08/18 7:55 p.m.57 views

CVE-2022-36727

CVE-2022-36727 affects Library Management System v1.0, where a SQL injection vulnerability exists in the /staff/delete.php endpoint via the bookId parameter. The vulnerability exposes potential disclosure, modification, and disruption of data (per the CVSS 3.1 base score of 9.8, with HIGH confide...

9.8CVSS9.7AI score0.00821EPSS
Web
CVE
CVE
added 2022/08/11 11:51 a.m.56 views

CVE-2022-2774

CVE-2022-2774: A SQL injection in SourceCodester Library Management System affects the librarian/student.php file via manipulation of the title parameter. The vulnerability is described as critical with remote exploitation capability. The available documents consistently report SQL injection as t...

9.8CVSS8.3AI score0.00518EPSS
Web
CVE
CVE
added 2022/08/30 8:43 p.m.55 views

CVE-2022-36735

CVE-2022-36735 affects Library Management System v1.0. A SQL injection vulnerability exists in the /admin/delete.php endpoint via the bookId parameter, enabling attacker-controlled input to influence SQL queries. The CVSSv3.1 impact metrics indicate a CRITICAL severity (9.8) with network attack v...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2018/11/16 6:0 p.m.54 views

CVE-2018-18796

The CVE-2018-18796 entry corresponds to a SQL Injection vulnerability in Library Management System 1.0, exploitable via the frmListBooks/Search for Books path. Public details show the vulnerability arises from unsafe SQL construction in the frmListBooks flow (e.g., textSearch input), with PoC and...

9.8CVSS9.9AI score0.01587EPSS
Web
CVE
CVE
added 2022/08/28 10:46 p.m.54 views

CVE-2022-36708

The CVE-2022-36708 entry affects Library Management System v1.0. A SQL injection vulnerability exists in the Id parameter of /student/bookdetails.php, enabling an attacker to execute arbitrary SQL queries remotely without authentication. The issue is categorized as high impact (C, I, A) with netw...

9.8CVSS9.7AI score0.00891EPSS
Web
CVE
CVE
added 2022/08/29 11:9 p.m.54 views

CVE-2022-36714

CVE-2022-36714 affects Library Management System v1.0, with a SQL injection vulnerability in the Section parameter of /staff/lab.php. The issue is confirmed by multiple sources; CVSS 3.1 base score 9.8 (critical) with NETWORK attack vector, no user interaction, and impact to confidentiality, inte...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/08/30 8:43 p.m.54 views

CVE-2022-36734

CVE-2022-36734 affects Library Management System v1.0 via a SQL injection in the RollNo parameter handled by /admin/delstu.php. The NVD entry lists a critical CVSS v3.1 score (9.8) with network attack vector and high impacts on confidentiality, integrity, and availability; no exploitation details...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/08/28 10:46 p.m.53 views

CVE-2022-36704

Summary: CVE-2022-36704 affects Library Management System v1.0, with a SQL injection flaw exploitable via the Id parameter in /librarian/studentdetails.php. Root cause: unsanitized input leading to arbitrary SQL execution. Impact is stated as high in CVSS (CONF: HIGH, INTEG: HIGH, AVAIL: HIGH; sc...

8.8CVSS8.9AI score0.00866EPSS
Web
CVE
CVE
added 2022/08/25 9:55 p.m.53 views

CVE-2022-36720

CVE-2022-36720 affects Library Management System v1.0, with a SQL injection vulnerability in the id parameter of /admin/modify1.php. The CVSS v3.1 vector indicates a network-attackable, low-privileges, no user interaction, with high impact on confidentiality, integrity, and availability (8.8 base...

8.8CVSS8.9AI score0.00866EPSS
Web
CVE
CVE
added 2022/08/30 8:43 p.m.53 views

CVE-2022-36732

CVE-2022-36732 affects Library Management System v1.0, with a SQL injection in the id parameter of /librarian/dele.php. The vulnerability is confirmed across multiple sources in the connected set, and the NVD entry lists a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack vector, no user...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/08/29 11:9 p.m.51 views

CVE-2022-36713

CVE-2022-36713 affects Library Management System v1.0, where a SQL injection can be triggered via the Section parameter in /librarian/lab.php. The CVE is substantiated across multiple feeds, with CVSS v3.1 base score 9.8 (CRITICAL) and impact on confidentiality, integrity, and availability (all H...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/08/30 8:43 p.m.50 views

CVE-2022-36731

The CVE-2022-36731 entry concerns Library Management System v1.0 with a SQL injection vulnerability via the RollNo parameter at /librarian/delstu.php. Affects the library management software’s input handling for RollNo, enabling potentially unauthenticated access to manipulate queries. CVSS 3.1 m...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/08/30 8:43 p.m.48 views

CVE-2022-36733

CVE-2022-36733 affects Library Management System v1.0, with a SQL injection vulnerability exploitable via the M_Id parameter at /admin/del.php. Multiple sources (NVD, Red Hat, PRION/PT-Protection, CNNVD) confirm a high-severity issue (CVSS v3.1: 9.8, network/low complexity, no privileges required...

9.8CVSS9.7AI score0.00789EPSS
Web
CVE
CVE
added 2022/08/11 11:50 a.m.38 views

CVE-2022-2768

CVE-2022-2768: Cross-site scripting in SourceCodester Library Management System, triggered by manipulation of the error argument in the file /qr/I/ (unknown code path). Exploitation is described as remote. Multiple sources (NVD, Red Hat, CVE listings, PRION/PT-Security) consistently identify this...

6.1CVSS4.9AI score0.0035EPSS