Vulnerabilities > Projectworlds
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-21 | CVE-2023-45121 | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database. | 8.8 |
2023-12-21 | CVE-2023-45115 | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database. | 8.8 |
2023-12-21 | CVE-2023-45116 | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. | 8.8 |
2023-12-21 | CVE-2023-45117 | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'eid' parameter of the /update.php?q=rmquiz resource does not validate the characters received and they are sent unfiltered to the database. | 8.8 |
2023-12-21 | CVE-2023-45118 | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. | 8.8 |
2023-12-21 | CVE-2023-45119 | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database. | 8.8 |
2023-12-20 | CVE-2023-48433 | SQL Injection vulnerability in Projectworlds Online Voting System Project 1.0 Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the login_action.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 |
2023-12-20 | CVE-2023-48434 | SQL Injection vulnerability in Projectworlds Online Voting System Project 1.0 Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the reg_action.php resource does not validate the characters received and they are sent unfiltered to the database. | 9.8 |
2023-11-07 | CVE-2023-46785 | Unspecified vulnerability in Projectworlds Online Matrimonial Project 1.0 Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |
2023-11-02 | CVE-2023-45338 | SQL Injection vulnerability in Projectworlds Online Food Ordering Script 1.0 Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. | 9.8 |