Vulnerabilities > Projectworlds > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-21 CVE-2023-48716 SQL Injection vulnerability in Projectworlds Student Result Management System 1.0
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_id' parameter of the add_classes.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-12-20 CVE-2023-48433 SQL Injection vulnerability in Projectworlds Online Voting System Project 1.0
Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the login_action.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-12-20 CVE-2023-48434 SQL Injection vulnerability in Projectworlds Online Voting System Project 1.0
Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the reg_action.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-11-07 CVE-2023-46785 Unspecified vulnerability in Projectworlds Online Matrimonial Project 1.0
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.
network
low complexity
projectworlds
critical
 9.8
9.8
2023-11-02 CVE-2023-45338 SQL Injection vulnerability in Projectworlds Online Food Ordering Script 1.0
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-11-02 CVE-2023-45345 SQL Injection vulnerability in Projectworlds Online Food Ordering Script 1.0
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-11-02 CVE-2023-45346 SQL Injection vulnerability in Projectworlds Online Food Ordering Script 1.0
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-11-02 CVE-2023-45347 SQL Injection vulnerability in Projectworlds Online Food Ordering Script 1.0
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-11-02 CVE-2023-45323 SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter of the routers/add-item.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8
2023-11-02 CVE-2023-45325 SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0
Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.
network
low complexity
projectworlds CWE-89
critical
 9.8
9.8