CVE-2020-28073

CRITICAL

Library Management System 1.0 - SQL Injection

Title source: llm
STIX 2.1

Description

SourceCodester Library Management System 1.0 is affected by SQL Injection allowing an attacker to bypass the user authentication and impersonate any user on the system.

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.0277
EPSS Percentile 84.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
library_management_system_project/library_management_system 1.0
Published Dec 23, 2020
Tracked Since Feb 18, 2026