漏洞标题
SourceCodester 简单在线书店系统 book.php SQL 注入
漏洞描述信息
SourceCodester简单在线书店系统book.php SQL注入
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
SourceCodester Simple Online Book Store System book.php sql injection
漏洞描述信息
A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System. Affected is an unknown function of the file /obs/book.php. The manipulation of the argument bookisbn leads to sql injection. It is possible to launch the attack remotely. VDB-206166 is the identifier assigned to this vulnerability.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
漏洞类别
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
漏洞标题
Simple Online Book Store System SQL注入漏洞
漏洞描述信息
Simple Online Book Store System是Carlo Montero个人开发者的一个简易的网上书店系统。 Simple Online Book Store System存在安全漏洞,该漏洞源于文件/obs/book.php的未知函数受到影响,对参数bookisbn的操作会导致sql注入,攻击可以远程发起。
CVSS信息
N/A
漏洞类别
SQL注入