CVE-2022-2771 — SQL Injection in Simple Online Book Store System

CWE-89 — SQL Injection3 documents3 sources
Severity
9.8CRITICALNVD
CNA6.3
EPSS
0.3%
top 45.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sourcecodester Simple Online Book Store System
Timeline
PublishedAug 11
Latest updateAug 12

Description

A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. Affected by this vulnerability is an unknown functionality of the file /obs/bookPerPub.php. The manipulation of the argument bookisbn leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-206167.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-xqhw-8mqw-pjf9: A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical↗2022-08-12
â–¶
CVEList
SourceCodester Simple Online Book Store System bookPerPub.php sql injection↗2022-08-11
â–¶
CVE-2022-2771 — SQL Injection | cvebase