CVE-2020-19108: SQL Injection
First published: Wed May 05 2021(Updated: )
SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Projectworlds Online Book Store Project In Php | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2020-19108.
What is the severity of CVE-2020-19108?
The severity of CVE-2020-19108 is critical.
How can a remote malicious user exploit CVE-2020-19108?
A remote malicious user can exploit CVE-2020-19108 through a SQL Injection vulnerability by manipulating the 'pubid' parameter in 'bookPerPub.php'.
What can a remote malicious user do if they successfully exploit CVE-2020-19108?
If a remote malicious user successfully exploits CVE-2020-19108, they can execute arbitrary code.
Is there a fix available for CVE-2020-19108?
Yes, it is recommended to apply the latest security patches or updates provided by the vendor to fix CVE-2020-19108.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/projectworlds
- canonical/projectworlds online book store project in php
- version/projectworlds online book store project in php/1.0