BookSBIN SQL Injection Vulnerability Affects Computer Book Store 1.0
CVE-2024-24096

Currently unrated

Key Information:

Vendor
Code-projects
Status
Computer Book Store
Vendor
CVE Published:
27 February 2024

Summary

The Code-projects Computer Book Store version 1.0 is susceptible to an SQL Injection flaw through the BookSBIN parameter. This vulnerability can be exploited by an attacker to execute arbitrary SQL commands, potentially allowing unauthorized access to sensitive data or even altering the database contents. Proper input validation and parameterized queries are crucial to mitigate the risks associated with this type of vulnerability.

References

https://github.com/ASR511-OO7/CVE-2024-24096/blob/main/CV...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-24096 : BookSBIN SQL Injection Vulnerability Affects Computer Book Store 1.0 | SecurityVulnerability.io