CVE-2024-3002 | code-projects Online Book System 1.0 /description.php ID sql injection

Posted by Angelo Barbosa | Mar 27, 2024 | CVE

A vulnerability, which was classified as critical, was found in code-projects Online Book System 1.0. Affected is an unknown function of the file /description.php. The manipulation of the argument ID leads to sql injection.

This vulnerability is traded as CVE-2024-3002. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-3002 | code-projects Online Book System 1.0 /description.php ID sql injection

Related Posts

CVE-2024-3277 | Yumpu ePaper Publishing Plugin up to 2.0.24 on WordPress authorization

CVE-2024-30676 | ROS2 Iron Irwini denial of service

CVE-2023-47505 | Elementor Elementor Plugin up to 3.16.4 on WordPress Elementor.Com cross site scripting

CVE-2023-38694 | Umbraco CMS up to 8.18.9/10.6.x/12.0.x cross site scripting (GHSA-xxc6-35r7-796w)