VYPR

online-book-store

by Sourcecodester

CVEs (2)

  • CVE-2021-34249HigFeb 24, 2023
    risk 0.49cvss 7.5epss 0.01

    SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.

  • CVE-2020-36003HigFeb 17, 2021
    risk 0.49cvss 7.5epss 0.01

    The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.