Vulnerabilities > Projectworlds

DATE CVE VULNERABILITY TITLE RISK
2022-10-14 CVE-2022-42066 Cross-site Scripting vulnerability in Projectworlds Online Examination System 1.0
Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php.
network
low complexity
projectworlds CWE-79
6.1
2022-03-16 CVE-2021-45852 Always-Incorrect Control Flow Implementation vulnerability in Projectworlds Hospital Management System in PHP 1.0
An issue was discovered in Projectworlds Hospital Management System v1.0.
network
low complexity
projectworlds CWE-670
5.3
2022-02-03 CVE-2021-44866 SQL Injection vulnerability in Projectworlds Online Movie Ticket Booking System 1.0
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0.
network
low complexity
projectworlds CWE-89
7.5
2022-01-23 CVE-2021-46024 SQL Injection vulnerability in Projectworlds Online-Shopping-Webvsite-In-PHP 1.0
Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is required.
network
low complexity
projectworlds CWE-89
critical
9.8
2022-01-21 CVE-2021-46307 SQL Injection vulnerability in Projectworlds Online Examination System 1.0
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php.
network
low complexity
projectworlds CWE-89
critical
9.8
2021-12-22 CVE-2021-43155 SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0
Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php.
network
low complexity
projectworlds CWE-89
critical
9.8
2021-12-22 CVE-2021-43156 Cross-Site Request Forgery (CSRF) vulnerability in Projectworlds Online Book Store Project in PHP 1.0
In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book.
network
low complexity
projectworlds CWE-352
6.5
2021-12-22 CVE-2021-43157 SQL Injection vulnerability in Projectworlds Online Shopping System in PHP 1.0
Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php.
network
low complexity
projectworlds CWE-89
critical
9.8
2021-12-22 CVE-2021-43158 Cross-Site Request Forgery (CSRF) vulnerability in Projectworlds Online Shopping System in PHP 1.0
In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart.
network
low complexity
projectworlds CWE-352
4.3
2021-12-22 CVE-2021-43628 SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.
network
low complexity
projectworlds CWE-89
critical
9.8