SQL injection in admin.php in Online Book Store 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23763
Reference (s):
- http://hidden-one.co.in/2021/04/09/cve-2020-23763-sql-injection-leading-to-authentication-bypass-in-online-book-store-1-0/
- https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/