Vulnerabilities > Projectworlds > Online Shopping System IN PHP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-22 | CVE-2021-43157 | SQL Injection vulnerability in Projectworlds Online Shopping System in PHP 1.0 Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. | 7.5 |
| 2021-12-22 | CVE-2021-43158 | Cross-Site Request Forgery (CSRF) vulnerability in Projectworlds Online Shopping System in PHP 1.0 In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart. | 4.3 |