Vendor CVEs
Projectworlds
All CVEs
200 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-12862 | Med | 0.41 | 6.3 | 0.00 | Nov 7, 2025 | A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by this issue is some unknown functionality of the file /dashboard/userprofile.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be performed from… | ||
| CVE-2025-11426 | Med | 0.41 | 6.3 | 0.00 | Oct 8, 2025 | A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_book.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the… | ||
| CVE-2025-8247 | Med | 0.41 | 6.3 | 0.00 | Jul 28, 2025 | A vulnerability classified as critical has been found in Projectworlds Online Admission System 1.0. This affects an unknown part of the file /admin.php. The manipulation of the argument markof leads to sql injection. It is possible to initiate the attack remotely. The exploit… | ||
| CVE-2025-6136 | Med | 0.41 | 6.3 | 0.00 | Jun 16, 2025 | A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertPayment.php. The manipulation of the argument recipt_no leads to sql injection. The attack may be… | ||
| CVE-2025-6135 | Med | 0.41 | 6.3 | 0.00 | Jun 16, 2025 | A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /insertNominee.php. The manipulation of the argument client_id/nominee_id leads to sql injection. The attack can… | ||
| CVE-2025-6134 | Med | 0.41 | 6.3 | 0.00 | Jun 16, 2025 | A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /insertClient.php. The manipulation of the argument client_id leads to sql injection. It is possible to initiate the… | ||
| CVE-2025-6133 | Med | 0.41 | 6.3 | 0.00 | Jun 16, 2025 | A vulnerability was found in Projectworlds Life Insurance Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /insertagent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be… | ||
| CVE-2026-5811 | Med | 0.35 | 5.4 | 0.00 | Apr 8, 2026 | A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function save_product of the file /Actions.php of the component POST Parameter Handler. Such manipulation of the argument price leads to business logic errors. The… | ||
| CVE-2026-30527 | Med | 0.35 | 5.4 | 0.00 | Mar 27, 2026 | A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Category management module within the admin panel. The application fails to properly sanitize user input supplied to the "Category Name" field when creating or… | ||
| CVE-2025-11103 | Med | 0.31 | 4.7 | 0.00 | Sep 28, 2025 | A security vulnerability has been detected in Projectworlds Online Tours and Travels 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack may be… | ||
| CVE-2026-4626 | Low | 0.23 | 3.5 | 0.00 | Mar 24, 2026 | A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyer_booking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been… | ||
| CVE-2026-4596 | Low | 0.23 | 3.5 | 0.00 | Mar 23, 2026 | A vulnerability was identified in projectworlds Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyers.php. The manipulation of the argument first_Name leads to cross site scripting. The attack may be initiated remotely. The exploit is… | ||
| CVE-2026-1700 | Low | 0.23 | 3.5 | 0.00 | Jan 30, 2026 | A weakness has been identified in projectworlds House Rental and Property Listing 1.0. This vulnerability affects unknown code of the file /app/sms.php. This manipulation of the argument Message causes cross site scripting. It is possible to initiate the attack remotely. The… | ||
| CVE-2025-12227 | Low | 0.23 | 3.5 | 0.00 | Oct 27, 2025 | A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly… | ||
| CVE-2026-0642 | Low | 0.16 | 2.4 | 0.00 | Jan 7, 2026 | A vulnerability was detected in projectworlds House Rental and Property Listing 1.0. This issue affects some unknown processing of the file /app/complaint.php. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit… | ||
| CVE-2025-12231 | Low | 0.16 | 2.4 | 0.00 | Oct 27, 2025 | A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expense_categories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is… | ||
| CVE-2025-12230 | Low | 0.16 | 2.4 | 0.00 | Oct 27, 2025 | A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross site scripting. It is possible to initiate the attack… | ||
| CVE-2025-12229 | Low | 0.16 | 2.4 | 0.00 | Oct 27, 2025 | A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The… | ||
| CVE-2025-12228 | Low | 0.16 | 2.4 | 0.00 | Oct 27, 2025 | A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out… | ||
| CVE-2025-11425 | Low | 0.16 | 2.4 | 0.00 | Oct 8, 2025 | A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /edit_admin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The… | ||
| CVE-2025-11067 | Low | 0.16 | 2.4 | 0.00 | Sep 27, 2025 | A vulnerability has been found in Projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /myform.php of the component Add Visitor Page. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is… | ||
| CVE-2021-45835 | 0.02 | — | 0.03 | Mar 18, 2022 | The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of dangerous types to the application through documents.php, which may be used to execute malicious code or lead to code execution. | |||
| CVE-2021-37372 | 0.01 | — | 0.03 | Oct 26, 2021 | Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. A low privileged user can upload malicious PHP files by updating their profile image to gain remote code execution. | |||
| CVE-2026-30531 | 0.00 | — | 0.00 | Mar 27, 2026 | A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_category action). The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker… | |||
| CVE-2026-30532 | 0.00 | — | 0.00 | Mar 27, 2026 | A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/view_product.php file via the "id" parameter. | |||
| CVE-2026-30533 | 0.00 | — | 0.00 | Mar 27, 2026 | A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage_product.php file via the "id" parameter. | |||
| CVE-2026-30530 | 0.00 | — | 0.00 | Mar 27, 2026 | A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_customer action). The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject… | |||
| CVE-2026-30529 | 0.00 | — | 0.00 | Mar 27, 2026 | A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_user action). The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker… | |||
| CVE-2026-30534 | 0.00 | — | 0.00 | Mar 27, 2026 | A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/manage_category.php via the "id" parameter. | |||
| CVE-2025-70147 | 0.00 | — | 0.00 | Feb 18, 2026 | Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information (including plaintext password field values) via direct HTTP GET requests to these endpoints without a… | |||
| CVE-2025-70146 | 0.00 | — | 0.00 | Feb 18, 2026 | Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to perform unauthorized administrative operations (e.g.,adding records, deleting records) via direct HTTP requests to affected… | |||
| CVE-2025-60311 | 0.00 | — | 0.00 | Oct 8, 2025 | ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection via the "id" parameter in the profile/edit.php page | |||
| CVE-2025-5008 | 0.00 | — | 0.00 | May 20, 2025 | A vulnerability was found in projectworlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_teacher.php. The manipulation of the argument e leads to sql injection. The attack may be… | |||
| CVE-2025-5004 | 0.00 | — | 0.00 | May 20, 2025 | A vulnerability was found in projectworlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/add_course.php. The manipulation of the argument c/subname leads to sql injection. The attack may be initiated… | |||
| CVE-2025-5003 | 0.00 | — | 0.00 | May 20, 2025 | A vulnerability has been found in projectworlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /semester_ajax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely.… | |||
| CVE-2025-4936 | 0.00 | — | 0.00 | May 19, 2025 | A vulnerability was found in projectworlds Online Food Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin-page.php. The manipulation of the argument 1_price leads to sql injection. It is possible to launch the attack… | |||
| CVE-2025-4932 | 0.00 | — | 0.00 | May 19, 2025 | A vulnerability, which was classified as critical, has been found in projectworlds Online Lawyer Management System 1.0. Affected by this issue is some unknown functionality of the file /lawyer_registation.php. The manipulation of the argument email leads to sql injection. The… | |||
| CVE-2025-4931 | 0.00 | — | 0.00 | May 19, 2025 | A vulnerability classified as critical was found in projectworlds Online Lawyer Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /user_registation.php. The manipulation of the argument email leads to sql injection. The attack can be… | |||
| CVE-2025-4928 | 0.00 | — | 0.00 | May 19, 2025 | A vulnerability was found in projectworlds Online Lawyer Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /save_lawyer_edit_profile.php. The manipulation leads to sql injection. The attack can be initiated remotely. The… | |||
| CVE-2025-4837 | 0.00 | — | 0.00 | May 17, 2025 | A vulnerability classified as critical has been found in projectworlds Student Project Allocation System 1.0. This affects an unknown part of the file /make_group_sql.php. The manipulation of the argument mem1/mem2/mem3 leads to sql injection. It is possible to initiate the… | |||
| CVE-2025-4836 | 0.00 | — | 0.00 | May 17, 2025 | A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /deleteAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be… | |||
| CVE-2025-4739 | 0.00 | — | 0.00 | May 16, 2025 | A vulnerability was found in projectworlds Hospital Database Management System 1.0. It has been classified as critical. This affects an unknown part of the file /medicines_info.php. The manipulation of the argument Med_ID leads to sql injection. It is possible to initiate the… | |||
| CVE-2025-4482 | 0.00 | — | 0.00 | May 9, 2025 | A vulnerability classified as critical was found in Project Worlds Student Project Allocation System 1.0. Affected by this vulnerability is an unknown functionality of the file /change_pass/forgot_password_sql.php. The manipulation of the argument Pat_BloodGroup1 leads to sql… | |||
| CVE-2025-4457 | 0.00 | — | 0.01 | May 9, 2025 | A vulnerability classified as critical was found in Project Worlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely.… | |||
| CVE-2025-4456 | 0.00 | — | 0.01 | May 9, 2025 | A vulnerability classified as critical has been found in Project Worlds Car Rental Project 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has… | |||
| CVE-2025-3176 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability was found in Project Worlds Online Lawyer Management System 1.0. It has been classified as critical. This affects an unknown part of the file /single_lawyer.php. The manipulation of the argument u_id leads to sql injection. It is possible to initiate the attack… | |||
| CVE-2025-3175 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability was found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /save_user_edit_profile.php. The manipulation of the argument first_Name leads to sql injection. The… | |||
| CVE-2025-3174 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability has been found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /searchLawyer.php. The manipulation of the argument experience leads to sql injection. The… | |||
| CVE-2025-3173 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability, which was classified as critical, was found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the file /save_booking.php. The manipulation of the argument lawyer_id/description leads to sql injection. It is possible to… | |||
| CVE-2025-3172 | 0.00 | — | 0.00 | Apr 3, 2025 | A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyer_booking.php. The manipulation of the argument unblock_id leads to sql injection. The attack may… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by this issue is some unknown functionality of the file /dashboard/userprofile.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be performed from…
- risk 0.41cvss 6.3epss 0.00
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_book.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the…
- risk 0.41cvss 6.3epss 0.00
A vulnerability classified as critical has been found in Projectworlds Online Admission System 1.0. This affects an unknown part of the file /admin.php. The manipulation of the argument markof leads to sql injection. It is possible to initiate the attack remotely. The exploit…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertPayment.php. The manipulation of the argument recipt_no leads to sql injection. The attack may be…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /insertNominee.php. The manipulation of the argument client_id/nominee_id leads to sql injection. The attack can…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /insertClient.php. The manipulation of the argument client_id leads to sql injection. It is possible to initiate the…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in Projectworlds Life Insurance Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /insertagent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be…
- risk 0.35cvss 5.4epss 0.00
A vulnerability was identified in SourceCodester Online Food Ordering System 1.0. Affected by this issue is the function save_product of the file /Actions.php of the component POST Parameter Handler. Such manipulation of the argument price leads to business logic errors. The…
- risk 0.35cvss 5.4epss 0.00
A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Category management module within the admin panel. The application fails to properly sanitize user input supplied to the "Category Name" field when creating or…
- risk 0.31cvss 4.7epss 0.00
A security vulnerability has been detected in Projectworlds Online Tours and Travels 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/change-image.php. The manipulation of the argument packageimage leads to unrestricted upload. The attack may be…
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyer_booking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was identified in projectworlds Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyers.php. The manipulation of the argument first_Name leads to cross site scripting. The attack may be initiated remotely. The exploit is…
- risk 0.23cvss 3.5epss 0.00
A weakness has been identified in projectworlds House Rental and Property Listing 1.0. This vulnerability affects unknown code of the file /app/sms.php. This manipulation of the argument Message causes cross site scripting. It is possible to initiate the attack remotely. The…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was detected in projectworlds House Rental and Property Listing 1.0. This issue affects some unknown processing of the file /app/complaint.php. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit…
- risk 0.16cvss 2.4epss 0.00
A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expense_categories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is…
- risk 0.16cvss 2.4epss 0.00
A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross site scripting. It is possible to initiate the attack…
- risk 0.16cvss 2.4epss 0.00
A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /edit_admin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The…
- risk 0.16cvss 2.4epss 0.00
A vulnerability has been found in Projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /myform.php of the component Add Visitor Page. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is…
- CVE-2021-45835Mar 18, 2022risk 0.02cvss —epss 0.03
The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of dangerous types to the application through documents.php, which may be used to execute malicious code or lead to code execution.
- CVE-2021-37372Oct 26, 2021risk 0.01cvss —epss 0.03
Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. A low privileged user can upload malicious PHP files by updating their profile image to gain remote code execution.
- CVE-2026-30531Mar 27, 2026risk 0.00cvss —epss 0.00
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_category action). The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker…
- CVE-2026-30532Mar 27, 2026risk 0.00cvss —epss 0.00
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/view_product.php file via the "id" parameter.
- CVE-2026-30533Mar 27, 2026risk 0.00cvss —epss 0.00
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage_product.php file via the "id" parameter.
- CVE-2026-30530Mar 27, 2026risk 0.00cvss —epss 0.00
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_customer action). The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject…
- CVE-2026-30529Mar 27, 2026risk 0.00cvss —epss 0.00
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_user action). The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker…
- CVE-2026-30534Mar 27, 2026risk 0.00cvss —epss 0.00
A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/manage_category.php via the "id" parameter.
- CVE-2025-70147Feb 18, 2026risk 0.00cvss —epss 0.00
Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information (including plaintext password field values) via direct HTTP GET requests to these endpoints without a…
- CVE-2025-70146Feb 18, 2026risk 0.00cvss —epss 0.00
Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to perform unauthorized administrative operations (e.g.,adding records, deleting records) via direct HTTP requests to affected…
- CVE-2025-60311Oct 8, 2025risk 0.00cvss —epss 0.00
ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection via the "id" parameter in the profile/edit.php page
- CVE-2025-5008May 20, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in projectworlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_teacher.php. The manipulation of the argument e leads to sql injection. The attack may be…
- CVE-2025-5004May 20, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in projectworlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/add_course.php. The manipulation of the argument c/subname leads to sql injection. The attack may be initiated…
- CVE-2025-5003May 20, 2025risk 0.00cvss —epss 0.00
A vulnerability has been found in projectworlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /semester_ajax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely.…
- CVE-2025-4936May 19, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in projectworlds Online Food Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin-page.php. The manipulation of the argument 1_price leads to sql injection. It is possible to launch the attack…
- CVE-2025-4932May 19, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in projectworlds Online Lawyer Management System 1.0. Affected by this issue is some unknown functionality of the file /lawyer_registation.php. The manipulation of the argument email leads to sql injection. The…
- CVE-2025-4931May 19, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in projectworlds Online Lawyer Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /user_registation.php. The manipulation of the argument email leads to sql injection. The attack can be…
- CVE-2025-4928May 19, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in projectworlds Online Lawyer Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /save_lawyer_edit_profile.php. The manipulation leads to sql injection. The attack can be initiated remotely. The…
- CVE-2025-4837May 17, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in projectworlds Student Project Allocation System 1.0. This affects an unknown part of the file /make_group_sql.php. The manipulation of the argument mem1/mem2/mem3 leads to sql injection. It is possible to initiate the…
- CVE-2025-4836May 17, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /deleteAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be…
- CVE-2025-4739May 16, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in projectworlds Hospital Database Management System 1.0. It has been classified as critical. This affects an unknown part of the file /medicines_info.php. The manipulation of the argument Med_ID leads to sql injection. It is possible to initiate the…
- CVE-2025-4482May 9, 2025risk 0.00cvss —epss 0.00
A vulnerability classified as critical was found in Project Worlds Student Project Allocation System 1.0. Affected by this vulnerability is an unknown functionality of the file /change_pass/forgot_password_sql.php. The manipulation of the argument Pat_BloodGroup1 leads to sql…
- CVE-2025-4457May 9, 2025risk 0.00cvss —epss 0.01
A vulnerability classified as critical was found in Project Worlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/approve.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely.…
- CVE-2025-4456May 9, 2025risk 0.00cvss —epss 0.01
A vulnerability classified as critical has been found in Project Worlds Car Rental Project 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname leads to sql injection. It is possible to launch the attack remotely. The exploit has…
- CVE-2025-3176Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in Project Worlds Online Lawyer Management System 1.0. It has been classified as critical. This affects an unknown part of the file /single_lawyer.php. The manipulation of the argument u_id leads to sql injection. It is possible to initiate the attack…
- CVE-2025-3175Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability was found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /save_user_edit_profile.php. The manipulation of the argument first_Name leads to sql injection. The…
- CVE-2025-3174Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability has been found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /searchLawyer.php. The manipulation of the argument experience leads to sql injection. The…
- CVE-2025-3173Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, was found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the file /save_booking.php. The manipulation of the argument lawyer_id/description leads to sql injection. It is possible to…
- CVE-2025-3172Apr 3, 2025risk 0.00cvss —epss 0.00
A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyer_booking.php. The manipulation of the argument unblock_id leads to sql injection. The attack may…
Page 2 of 4