| CVE-2025-9928 | Hig | 0.47 | 7.3 | 0.00 | | Sep 3, 2025 | A security flaw has been discovered in projectworlds Travel Management System 1.0. The impacted element is an unknown function of the file /viewcategory.php. Performing manipulation of the argument t1 results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. |
| CVE-2025-9927 | Hig | 0.47 | 7.3 | 0.00 | | Sep 3, 2025 | A vulnerability was identified in projectworlds Travel Management System 1.0. The affected element is an unknown function of the file /viewpackage.php. Such manipulation of the argument t1 leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. |
| CVE-2025-9926 | Hig | 0.47 | 7.3 | 0.00 | | Sep 3, 2025 | A vulnerability was determined in projectworlds Travel Management System 1.0. Impacted is an unknown function of the file /viewsubcategory.php. This manipulation of the argument t1 causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. |
| CVE-2025-9925 | Hig | 0.47 | 7.3 | 0.00 | | Sep 3, 2025 | A vulnerability was found in projectworlds Travel Management System 1.0. This issue affects some unknown processing of the file /detail.php. The manipulation of the argument pid results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. |
| CVE-2025-9924 | Hig | 0.47 | 7.3 | 0.00 | | Sep 3, 2025 | A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file /enquiry.php. The manipulation of the argument t2 leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. |
| CVE-2025-9053 | Hig | 0.47 | 7.3 | 0.00 | | Aug 15, 2025 | A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file /updatesubcategory.php. The manipulation of the argument t1/s1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-9052 | Hig | 0.47 | 7.3 | 0.00 | | Aug 15, 2025 | A vulnerability was identified in projectworlds Travel Management System 1.0. This affects an unknown part of the file /updatepackage.php. The manipulation of the argument s1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-9051 | Hig | 0.47 | 7.3 | 0.00 | | Aug 15, 2025 | A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-9050 | Hig | 0.47 | 7.3 | 0.00 | | Aug 15, 2025 | A vulnerability was found in projectworlds Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /addcategory.php. The manipulation of the argument t1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
