Filtered by vendor Projectworlds
Subscriptions
Total
105 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-43014 | 1 Projectworlds | 1 Asset Management System | 2024-11-21 | 8.8 High |
| Asset Management System v1.0 is vulnerable to an Authenticated SQL Injection vulnerability on the 'first_name' and 'last_name' parameters of user.php page, allowing an authenticated attacker to dump all the contents of the database contents. | ||||
| CVE-2023-43013 | 1 Projectworlds | 1 Asset Management System | 2024-11-21 | 9.8 Critical |
| Asset Management System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'email' parameter of index.php page, allowing an external attacker to dump all the contents of the database contents and bypass the login control. | ||||
| CVE-2022-42066 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 6.1 Medium |
| Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php. | ||||
| CVE-2021-46307 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 9.8 Critical |
| An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php. | ||||
| CVE-2021-46024 | 1 Projectworlds | 1 Online-shopping-webvsite-in-php | 2024-11-21 | 9.8 Critical |
| Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is required. | ||||
| CVE-2021-45852 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-11-21 | 5.3 Medium |
| An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php. | ||||
| CVE-2021-44866 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-11-21 | 7.5 High |
| An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database. | ||||
| CVE-2021-43631 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-11-21 | 9.8 Critical |
| Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php. | ||||
| CVE-2021-43630 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-11-21 | 8.8 High |
| Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on the remote web server. | ||||
| CVE-2021-43629 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-11-21 | 9.8 Critical |
| Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php. | ||||
| CVE-2021-43628 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-11-21 | 9.8 Critical |
| Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. | ||||
| CVE-2021-43158 | 1 Projectworlds | 1 Online Shopping System In Php | 2024-11-21 | 4.3 Medium |
| In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart. | ||||
| CVE-2021-43157 | 1 Projectworlds | 1 Online Shopping System In Php | 2024-11-21 | 9.8 Critical |
| Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. | ||||
| CVE-2021-43156 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 6.5 Medium |
| In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book. | ||||
| CVE-2021-43155 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php. | ||||
| CVE-2020-29205 | 1 Projectworlds | 1 Travel Management System | 2024-11-21 | 6.1 Medium |
| XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field | ||||
| CVE-2020-27397 | 1 Projectworlds | 1 Online Matrimonial Project | 2024-11-21 | 8.8 High |
| Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the Hosting web server via uploading a maliciously crafted PHP file. | ||||
| CVE-2020-25761 | 1 Projectworlds | 1 Visitor Management System In Php | 2024-11-21 | 6.1 Medium |
| Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject javascript payloads in the parameters to perform various attacks such as stealing of cookies,sensitive information etc. | ||||
| CVE-2020-25760 | 1 Projectworlds | 1 Visitor Management System In Php | 2024-11-21 | 8.8 High |
| Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database. | ||||
| CVE-2020-24203 | 1 Projectworlds | 1 Travel Management System | 2024-11-21 | 9.8 Critical |
| Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution. | ||||