Vulnerabilities > Projectworlds
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-14 | CVE-2022-42066 | Cross-site Scripting vulnerability in Projectworlds Online Examination System 1.0 Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php. | 6.1 |
2022-03-16 | CVE-2021-45852 | Always-Incorrect Control Flow Implementation vulnerability in Projectworlds Hospital Management System in PHP 1.0 An issue was discovered in Projectworlds Hospital Management System v1.0. | 5.3 |
2022-02-03 | CVE-2021-44866 | SQL Injection vulnerability in Projectworlds Online Movie Ticket Booking System 1.0 An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. | 7.5 |
2022-01-23 | CVE-2021-46024 | SQL Injection vulnerability in Projectworlds Online-Shopping-Webvsite-In-PHP 1.0 Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is required. | 9.8 |
2022-01-21 | CVE-2021-46307 | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php. | 9.8 |
2021-12-22 | CVE-2021-43155 | SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php. | 9.8 |
2021-12-22 | CVE-2021-43156 | Cross-Site Request Forgery (CSRF) vulnerability in Projectworlds Online Book Store Project in PHP 1.0 In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book. | 6.5 |
2021-12-22 | CVE-2021-43157 | SQL Injection vulnerability in Projectworlds Online Shopping System in PHP 1.0 Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. | 9.8 |
2021-12-22 | CVE-2021-43158 | Cross-Site Request Forgery (CSRF) vulnerability in Projectworlds Online Shopping System in PHP 1.0 In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart. | 4.3 |
2021-12-22 | CVE-2021-43628 | SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. | 9.8 |