CVE-2024-10969 – 1000 Projects Bookstore Management System Login login_process.php sql injection
https://notcve.org/view.php?id=CVE-2024-10969
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/login_process.php of the component Login. The manipulation of the argument unm leads to sql injection. The attack may be launched remotely. • https://github.com/ppp-src/CVE/issues/31 https://vuldb.com/?ctiid.283418 https://vuldb.com/?id.283418 https://vuldb.com/?submit.437416 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-10968 – 1000 Projects Bookstore Management System contact_process.php sql injection
https://notcve.org/view.php?id=CVE-2024-10968
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /contact_process.php. The manipulation of the argument fnm leads to sql injection. The attack can be launched remotely. • https://github.com/NG0324/CVE/issues/1 https://vuldb.com/?ctiid.283417 https://vuldb.com/?id.283417 https://vuldb.com/?submit.437322 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-10845 – 1000 Projects Bookstore Management System book_detail.php sql injection
https://notcve.org/view.php?id=CVE-2024-10845
A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file book_detail.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/hbuzs/CVE/issues/3 https://vuldb.com/?ctiid.283090 https://vuldb.com/?id.283090 https://vuldb.com/?submit.436999 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-707: Improper Neutralization •
CVE-2024-10844 – 1000 Projects Bookstore Management System search.php sql injection
https://notcve.org/view.php?id=CVE-2024-10844
A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file search.php. The manipulation of the argument s leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/sbm-98/CVE/issues/1 https://vuldb.com/?ctiid.283089 https://vuldb.com/?id.283089 https://vuldb.com/?submit.436969 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-707: Improper Neutralization •