CVE-2020-23763

CRITICAL

Online Book Store 1.0 - SQL Injection

Title source: llm
STIX 2.1

Description

SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication.

Scores

CVSS v3 9.8
EPSS 0.0186
EPSS Percentile 76.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
online_book_store_project/online_book_store 1.0
Published Apr 09, 2021
Tracked Since Feb 18, 2026