CVE-2024-3003 | code-projects Online Book System 1.0 /cart.php quantity/remove sql injection

Inserito da Angelo Barbosa | Mar 27, 2024 | CVE

A vulnerability has been found in code-projects Online Book System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cart.php. The manipulation of the argument quantity/remove leads to sql injection.

This vulnerability is known as CVE-2024-3003. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-3003 | code-projects Online Book System 1.0 /cart.php quantity/remove sql injection

Post correlati

CVE-2024-6166 | Unlimited Elements For Elementor Plugin up to 1.5.112 on WordPress sql injection

CVE-2023-49394 | Zentao up to 4.1.3 redirect

CVE-2024-39435 | Unisoc S8000 Logmanager Service Local Privilege Escalation

CVE-2023-48783 | Fortinet FortiPortal up to 5.3.8/6.0.14/7.0.6/7.2.1 GET Request authorization (FG-IR-23-408)