CVE-2025-0295

Name of the Vulnerable Software and Affected Versions code-projects Online Book Shop version 1.0

Description A problem has been found in the software, affecting some unknown functionality of the file /booklist.php?subcatid=1. The issue is caused by the manipulation of the subcatnm argument, leading to cross site scripting. This can be exploited remotely.

Recommendations For code-projects Online Book Shop version 1.0, as a temporary workaround, consider restricting access to the /booklist.php endpoint or disabling the manipulation of the subcatnm argument until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.