CVE-2020-36112

CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php and in cart.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database on which the web application is running.
References
Link Resource
https://www.exploit-db.com/exploits/49314 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:cse_bookstore_project:cse_bookstore:1.0:*:*:*:*:*:*:*

Information

Published : 2021-01-04 03:15

Updated : 2021-01-07 09:17


NVD link : CVE-2020-36112

Mitre link : CVE-2020-36112

Products Affected
No products.
CWE