VYPR

Library Management System

by WordPress

Source repositories

CVEs (10)

  • CVE-2020-28073CriDec 23, 2020
    risk 0.64cvss 9.8epss 0.03

    SourceCodester Library Management System 1.0 is affected by SQL Injection allowing an attacker to bypass the user authentication and impersonate any user on the system.

  • CVE-2025-12707HigFeb 19, 2026
    risk 0.49cvss 7.5epss 0.00

    The Library Management System plugin for WordPress is vulnerable to SQL Injection via the 'bid' parameter in all versions up to, and including, 3.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This…

  • CVE-2020-36954MedJan 26, 2026
    risk 0.42cvss 6.4epss 0.00

    Xeroneit Library Management System 3.1 contains a stored cross-site scripting vulnerability in the Book Category feature that allows administrators to inject malicious scripts. Attackers can insert a payload in the Category Name field to execute arbitrary JavaScript code when…

  • CVE-2025-7210MedJul 9, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in code-projects/Fabian Ros Library Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/profile_update.php. The manipulation of the argument photo leads to unrestricted upload. The…

  • CVE-2024-8679MedDec 7, 2024
    risk 0.37cvss 6.8epss 0.00

    The Library Management System – Manage e-Digital Books Library plugin for WordPress is vulnerable to SQL Injection via the ‘value' parameter of the owt_lib_handler AJAX action in all versions up to, and including, 3.1 due to insufficient escaping on the user supplied…

  • CVE-2024-12406MedDec 12, 2024
    risk 0.35cvss 6.5epss 0.00

    The Library Management System – Manage e-Digital Books Library plugin for WordPress is vulnerable to SQL Injection via the 'owt7_borrow_books_id' parameter in all versions up to, and including, 3.2.0 due to insufficient escaping on the user supplied parameter and lack of…

  • CVE-2025-10303MedOct 15, 2025
    risk 0.21cvss 4.3epss 0.00

    The Library Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the owt7_library_management_ajax_handler() function in all versions up to, and including, 3.1. This makes it possible for authenticated…

  • CVE-2024-12188Dec 5, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in 1000 Projects Library Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /brains/stu.php. The manipulation of the argument useri leads to sql injection. The attack can be…

  • CVE-2024-12187Dec 5, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in 1000 Projects Library Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /showbook.php. The manipulation of the argument q leads to sql injection. It is possible to launch the attack remotely. The…

  • CVE-2023-7109Dec 26, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in code-projects Library Management System 2.0. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The…