CVE-2022-2748 LOW

CVE-2022-2748: SourceCodester Simple Online Book Store System edit.php cross site scripting

Vendor Sourcecodester
Product Simple Online Book Store System
Weakness CWE-79 · XSS
Published August 11, 2022
Last update April 15, 2025
View on NVD All CVEs

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability was found in SourceCodester Simple Online Book Store System. It has been classified as problematic. Affected is an unknown function of the file /admin/edit.php. The manipulation of the argument eid leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-206016.

Key dates

02Disclosure timeline

August 11, 2022 CVE published
April 15, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-39665 WordPress SEO Friendly Images plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability CVE-2025-8607 SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2022-36108 Cross-Site Scripting in typo3/cms-core CVE-2025-23928 WordPress Google Org Chart plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability CVE-2023-49188 WordPress Track Geolocation Of Users Using Contact Form 7 Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)