Vulnerabilities > Projectworlds > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-23 | CVE-2021-46024 | SQL Injection vulnerability in Projectworlds Online-Shopping-Webvsite-In-PHP 1.0 Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is required. | 9.8 |
| 2022-01-21 | CVE-2021-46307 | SQL Injection vulnerability in Projectworlds Online Examination System 1.0 An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php. | 9.8 |
| 2021-12-22 | CVE-2021-43155 | SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php. | 9.8 |
| 2021-12-22 | CVE-2021-43157 | SQL Injection vulnerability in Projectworlds Online Shopping System in PHP 1.0 Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. | 9.8 |
| 2021-12-22 | CVE-2021-43628 | SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. | 9.8 |
| 2021-12-22 | CVE-2021-43629 | SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php. | 9.8 |
| 2021-12-22 | CVE-2021-43631 | SQL Injection vulnerability in Projectworlds Hospital Management System in PHP 1.0 Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php. | 9.8 |
| 2021-05-06 | CVE-2020-19107 | SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php, which could let a remote malicious user execute arbitrary code. | 9.8 |
| 2021-05-06 | CVE-2020-19108 | SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code. | 9.8 |
| 2021-05-06 | CVE-2020-19109 | SQL Injection vulnerability in Projectworlds Online Book Store Project in PHP 1.0 SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary code. | 9.8 |