Bookstore Management System
by Phpgurukul
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-10845 | 0.00 | — | 0.01 | Nov 5, 2024 | A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file book_detail.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The… | |||
| CVE-2024-10844 | 0.00 | — | 0.01 | Nov 5, 2024 | A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file search.php. The manipulation of the argument s leads to sql injection. It is possible to initiate the attack remotely. The… | |||
| CVE-2023-49540 | 0.00 | — | 0.01 | Mar 1, 2024 | Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter. | |||
| CVE-2023-49543 | 0.00 | — | 0.01 | Mar 1, 2024 | Incorrect access control in Book Store Management System v1 allows attackers to access unauthorized pages and execute administrative functions without authenticating. | |||
| CVE-2022-45217 | 0.00 | — | 0.01 | Dec 7, 2022 | A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module. | |||
| CVE-2022-4229 | 0.00 | — | 0.01 | Nov 30, 2022 | A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0. This vulnerability affects unknown code of the file /bsms_ci/index.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has… | |||
| CVE-2022-4228 | 0.00 | — | 0.01 | Nov 30, 2022 | A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsms_ci/index.php/user/edit_user/. The manipulation of the argument password leads to information disclosure. It is possible to… | |||
| CVE-2022-3453 | 0.00 | — | 0.00 | Oct 11, 2022 | A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /transcation.php. The manipulation of the argument buyer_name leads to cross site scripting. The attack may be… | |||
| CVE-2022-3452 | 0.00 | — | 0.00 | Oct 11, 2022 | A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument category_name leads to cross site scripting. The attack can be… |
- CVE-2024-10845Nov 5, 2024risk 0.00cvss —epss 0.01
A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file book_detail.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The…
- CVE-2024-10844Nov 5, 2024risk 0.00cvss —epss 0.01
A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file search.php. The manipulation of the argument s leads to sql injection. It is possible to initiate the attack remotely. The…
- CVE-2023-49540Mar 1, 2024risk 0.00cvss —epss 0.01
Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter.
- CVE-2023-49543Mar 1, 2024risk 0.00cvss —epss 0.01
Incorrect access control in Book Store Management System v1 allows attackers to access unauthorized pages and execute administrative functions without authenticating.
- CVE-2022-45217Dec 7, 2022risk 0.00cvss —epss 0.01
A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module.
- CVE-2022-4229Nov 30, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0. This vulnerability affects unknown code of the file /bsms_ci/index.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has…
- CVE-2022-4228Nov 30, 2022risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsms_ci/index.php/user/edit_user/. The manipulation of the argument password leads to information disclosure. It is possible to…
- CVE-2022-3453Oct 11, 2022risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /transcation.php. The manipulation of the argument buyer_name leads to cross site scripting. The attack may be…
- CVE-2022-3452Oct 11, 2022risk 0.00cvss —epss 0.00
A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument category_name leads to cross site scripting. The attack can be…
Page 2 of 2