CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10968 – 1000 Projects Bookstore Management System contact_process.php sql injection
https://notcve.org/view.php?id=CVE-2024-10968
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /contact_process.php. The manipulation of the argument fnm leads to sql injection. The attack can be launched remotely. • https://github.com/NG0324/CVE/issues/1 https://vuldb.com/?ctiid.283417 https://vuldb.com/?id.283417 https://vuldb.com/?submit.437322 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10845 – 1000 Projects Bookstore Management System book_detail.php sql injection
https://notcve.org/view.php?id=CVE-2024-10845
A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file book_detail.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/hbuzs/CVE/issues/3 https://vuldb.com/?ctiid.283090 https://vuldb.com/?id.283090 https://vuldb.com/?submit.436999 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-707: Improper Neutralization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10844 – 1000 Projects Bookstore Management System search.php sql injection
https://notcve.org/view.php?id=CVE-2024-10844
A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file search.php. The manipulation of the argument s leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/sbm-98/CVE/issues/1 https://vuldb.com/?ctiid.283089 https://vuldb.com/?id.283089 https://vuldb.com/?submit.436969 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-707: Improper Neutralization •