Online Book Store Project Online Book Store — known CVE vulnerabilities
Every CVE whose affected-product data names Online Book Store Project Online Book Store, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2020-23763 — CVSS 9.8 (critical): SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
CVE-2020-24115 — CVSS 9.8 (critical): In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access.
CVE-2020-36003 — CVSS 7.5 (high): The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to…
CVE-2021-34249 — CVSS 7.5 (high): SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id…