Online-Bookstore-Project-In-PHP
by Online-Bookstore-Project-In-PHP
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-43740 | Hig | 0.57 | 8.8 | 0.01 | Sep 28, 2023 | Online Book Store Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'image' parameter of admin_edit.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application. | ||
| CVE-2024-37848 | Hig | 0.55 | 8.4 | 0.00 | Jun 17, 2024 | SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php component. |
- risk 0.57cvss 8.8epss 0.01
Online Book Store Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'image' parameter of admin_edit.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application.
- risk 0.55cvss 8.4epss 0.00
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php component.