CSE Bookstore 1.0 SQL Injection

Posted on 28 December 2020

CSE Bookstore version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Alper Basaran in October of 2020.