VYPR

Visitor Management System

by Projectworlds

CVEs (10)

  • CVE-2025-9047HigAug 15, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /visitor_out.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed…

  • CVE-2025-8948HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /front.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the…

  • CVE-2025-8947HigAug 14, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in projectworlds Visitor Management System 1.0. This issue affects some unknown processing of the file /query_data.php. The manipulation of the argument dateF/dateP leads to sql injection. The attack may be initiated remotely. The exploit has been…

  • CVE-2025-11067LowSep 27, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability has been found in Projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /myform.php of the component Add Visitor Page. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is…

  • CVE-2025-2657Mar 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in projectworlds Apartment Visitors Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /front.php. The manipulation of the argument rid leads to sql injection. The attack can be launched…

  • CVE-2024-22983Feb 28, 2024
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via the name parameter in the myform.php endpoint.

  • CVE-2024-22922Jan 25, 2024
    risk 0.00cvss epss 0.01

    An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php

  • CVE-2024-0650Jan 17, 2024
    risk 0.00cvss epss 0.01

    A vulnerability was found in Project Worlds Visitor Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file dataset.php of the component URL Handler. The manipulation of the argument name with the input…

  • CVE-2020-25761Sep 29, 2020
    risk 0.00cvss epss 0.02

    Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject javascript payloads in the parameters to perform various attacks such as stealing of cookies,sensitive…

  • CVE-2020-25760Sep 29, 2020
    risk 0.00cvss epss 0.02

    Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database.