Vulnerabilities > Projectworlds

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-23	CVE-2021-46024	SQL Injection vulnerability in Projectworlds Online-Shopping-Webvsite-In-PHP 1.0 Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is required. network low complexity projectworlds CWE-89 critical	9.8
2022-01-21	CVE-2021-46307	SQL Injection vulnerability in Projectworlds Online Examination System 1.0 An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php. network low complexity projectworlds CWE-89 critical	9.8
2021-12-22	CVE-2021-43155	SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php. network low complexity projectworlds CWE-89 critical	9.8
2021-12-22	CVE-2021-43156	Cross-Site Request Forgery (CSRF) vulnerability in Projectworlds Online Book Store Project in PHP 1.0 In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book. network low complexity projectworlds CWE-352	6.5
2021-12-22	CVE-2021-43157	SQL Injection vulnerability in Projectworlds Online Shopping System in PHP 1.0 Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. network low complexity projectworlds CWE-89 critical	9.8
2021-12-22	CVE-2021-43158	Cross-Site Request Forgery (CSRF) vulnerability in Projectworlds Online Shopping System in PHP 1.0 In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart. network low complexity projectworlds CWE-352	4.3
2021-12-22	CVE-2021-43628	SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. network low complexity projectworlds CWE-89 critical	9.8
2021-12-22	CVE-2021-43629	SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php. network low complexity projectworlds CWE-89 critical	9.8
2021-12-22	CVE-2021-43630	SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. network low complexity projectworlds CWE-89	8.8
2021-12-22	CVE-2021-43631	SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php. network low complexity projectworlds CWE-89 critical	9.8

Vulnerabilities > Projectworlds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Projectworlds"}]}

Vulnerabilities > Projectworlds