CVE-2025-14647

CVSS v3.1

9.8

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Computer Book Store version 1.0

Description A weakness exists in Computer Book Store version 1.0 related to SQL injection. The issue is located in the

/admin delete.php

file, specifically within an unknown function. Manipulation of the

bookisbn

argument can trigger the SQL injection. The attack can be initiated remotely, and the exploit has been publicly released.

Recommendations Apply a fix to the vulnerable function in

/admin delete.php

to prevent manipulation of the

bookisbn

argument.

Exploit

Fix

SQL injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

CVE-2025-14647

Computer Book Store