Vulnerabilities > Projectworlds

DATE	CVE	VULNERABILITY TITLE	RISK
2021-12-22	CVE-2021-43628	SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. network low complexity projectworlds CWE-89 critical	9.8
2021-12-22	CVE-2021-43629	SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php. network low complexity projectworlds CWE-89 critical	9.8
2021-12-22	CVE-2021-43630	SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. network low complexity projectworlds CWE-89	8.8
2021-12-22	CVE-2021-43631	SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php. network low complexity projectworlds CWE-89 critical	9.8
2021-05-17	CVE-2020-29205	Cross-site Scripting vulnerability in Projectworlds Travel Management System 1.0 XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field network low complexity projectworlds CWE-79	6.1
2021-05-06	CVE-2020-19107	SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php, which could let a remote malicious user execute arbitrary code. network low complexity projectworlds CWE-89 critical	9.8
2021-05-06	CVE-2020-19108	SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code. network low complexity projectworlds CWE-89 critical	9.8
2021-05-06	CVE-2020-19109	SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary code. network low complexity projectworlds CWE-89 critical	9.8
2021-05-06	CVE-2020-19110	SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary code. network low complexity projectworlds CWE-89 critical	9.8
2021-05-06	CVE-2020-19111	Improper Authentication vulnerability in Projectworlds Online Book Store Project in PHP 1.0 Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote mailicious user bypass authentication and obtain sensitive information. network low complexity projectworlds CWE-287 critical	9.8

Vulnerabilities > Projectworlds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Projectworlds"}]}

Vulnerabilities > Projectworlds