CVE-2024-3365 – SourceCodester Online Library System controller.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-3365
A vulnerability was found in SourceCodester Online Library System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin/users/controller.php. The manipulation of the argument user_name leads to cross-site scripting. The attack may be initiated remotely.
• https://github.com/thisissuperann/Vul/blob/main/Online-Library-System-07.md
• https://vuldb.com/?ctiid.259469
• https://vuldb.com/?id.259469
• https://vuldb.com/?submit.310432
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-3364 – SourceCodester Online Library System index.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-3364
A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross-site scripting. The attack can be initiated remotely.
• https://github.com/thisissuperann/Vul/blob/main/Online-Library-System-06.md
• https://vuldb.com/?ctiid.259468
• https://vuldb.com/?id.259468
• https://vuldb.com/?submit.310431
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-3363 – SourceCodester Online Library System index.php sql injection
https://notcve.org/view.php?id=CVE-2024-3363
A vulnerability was found in SourceCodester Online Library System 1.0. It has been classified as critical. This affects an unknown part of the file admin/borrowed/index.php. The manipulation of the argument BookPublisher/BookTitle leads to SQL injection. It is possible to initiate the attack remotely.
• https://github.com/thisissuperann/Vul/blob/main/Online-Library-System-05
• https://vuldb.com/?ctiid.259467
• https://vuldb.com/?id.259467
• https://vuldb.com/?submit.310429
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-3362 – SourceCodester Online Library System controller.php sql injection
https://notcve.org/view.php?id=CVE-2024-3362
A vulnerability was found in SourceCodester Online Library System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin/books/controller.php. The manipulation of the argument IBSN leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
• https://github.com/thisissuperann/Vul/blob/main/Online-Library-System-04
• https://vuldb.com/?ctiid.259466
• https://vuldb.com/?id.259466
• https://vuldb.com/?submit.310426
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-3361 – SourceCodester Online Library System deweydecimal.php sql injection
https://notcve.org/view.php?id=CVE-2024-3361
A vulnerability has been found in SourceCodester Online Library System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/books/deweydecimal.php. The manipulation of the argument category leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
• https://github.com/thisissuperann/Vul/blob/main/Online-Library-System-03
• https://vuldb.com/?ctiid.259465
• https://vuldb.com/?id.259465
• https://vuldb.com/?submit.310425
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')