BookSBIN SQL Injection Vulnerability Affects Computer Book Store 1.0
CVE-2024-24096

Currently unrated

Key Information:

Vendor: Code-projects
Status: Computer Book Store
Vendor: CVE Published:; 27 February 2024

🔔 Create Code-projects Vulnerability Alert

What is CVE-2024-24096?

The Code-projects Computer Book Store version 1.0 is susceptible to an SQL Injection flaw through the BookSBIN parameter. This vulnerability can be exploited by an attacker to execute arbitrary SQL commands, potentially allowing unauthorized access to sensitive data or even altering the database contents. Proper input validation and parameterized queries are crucial to mitigate the risks associated with this type of vulnerability.

References

https://github.com/ASR511-OO7/CVE-2024-24096/blob/main/CV...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 27, 2024
Vulnerability Reserved
Jan 25, 2024