Filtered by vendor Projectworlds
Subscriptions
Total
213 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43630 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-11-21 | 8.8 High |
| Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on the remote web server. | ||||
| CVE-2021-43629 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-11-21 | 9.8 Critical |
| Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php. | ||||
| CVE-2021-43628 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-11-21 | 9.8 Critical |
| Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. | ||||
| CVE-2021-43156 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 6.5 Medium |
| In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book. | ||||
| CVE-2021-43155 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php. | ||||
| CVE-2020-29205 | 1 Projectworlds | 1 Travel Management System | 2024-11-21 | 6.1 Medium |
| XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field | ||||
| CVE-2020-27397 | 1 Projectworlds | 1 Online Matrimonial Project | 2024-11-21 | 8.8 High |
| Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the Hosting web server via uploading a maliciously crafted PHP file. | ||||
| CVE-2020-24203 | 1 Projectworlds | 1 Travel Management System | 2024-11-21 | 9.8 Critical |
| Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution. | ||||
| CVE-2020-24202 | 1 Projectworlds | 1 House Rental And Property Listing Project | 2024-11-21 | 9.8 Critical |
| File Upload component in Projects World House Rental v1.0 suffers from an arbitrary file upload vulnerability with regular users, which allows remote attackers to conduct code execution. | ||||
| CVE-2020-24199 | 1 Projectworlds | 1 Car Rental Project | 2024-11-21 | 9.8 Critical |
| Arbitrary File Upload in the Vehicle Image Upload component in Project Worlds Car Rental Management System v1.0 allows attackers to conduct remote code execution. | ||||
| CVE-2020-23833 | 1 Projectworlds | 1 House Rental | 2024-11-21 | 9.8 Critical |
| Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request. | ||||
| CVE-2020-19114 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Online Book Store v1.0 via the publisher parameter to edit_book.php, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2020-19113 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution. | ||||
| CVE-2020-19112 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_delete.php, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2020-19111 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote mailicious user bypass authentication and obtain sensitive information. | ||||
| CVE-2020-19110 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2020-19109 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2020-19108 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2020-19107 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2020-11545 | 1 Projectworlds | 1 Official Car Rental System | 2024-11-21 | 9.8 Critical |
| Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php) This allows an attacker to dump the MySQL database and to bypass the login authentication prompt. | ||||