Vulnerabilities > Projectworlds > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-28 | CVE-2024-10433 | Cross-site Scripting vulnerability in Projectworlds Simple Web-Based Chat Application 1.0 A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. | 6.1 |
| 2024-01-19 | CVE-2024-0726 | Cross-site Scripting vulnerability in Projectworlds Student Project Allocation System 1.0 A vulnerability was found in Project Worlds Student Project Allocation System 1.0. | 6.1 |
| 2024-01-07 | CVE-2024-0262 | Unspecified vulnerability in Projectworlds Online JOB Portal 1.0 A vulnerability was found in Online Job Portal 1.0 and classified as problematic. | 4.8 |
| 2023-09-28 | CVE-2023-44174 | Cross-site Scripting vulnerability in Projectworlds Online Movie Ticket Booking System 1.0 Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site Scripting vulnerability. | 5.4 |
| 2023-09-28 | CVE-2023-44173 | Cross-site Scripting vulnerability in Projectworlds Online Movie Ticket Booking System 1.0 Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability. | 5.4 |
| 2022-10-14 | CVE-2022-42066 | Cross-site Scripting vulnerability in Projectworlds Online Examination System 1.0 Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php. | 6.1 |
| 2022-03-16 | CVE-2021-45852 | Always-Incorrect Control Flow Implementation vulnerability in Projectworlds Hospital Management System in PHP 1.0 An issue was discovered in Projectworlds Hospital Management System v1.0. | 5.3 |
| 2021-12-22 | CVE-2021-43156 | Cross-Site Request Forgery (CSRF) vulnerability in Projectworlds Online Book Store Project in PHP 1.0 In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book. | 6.5 |
| 2021-12-22 | CVE-2021-43158 | Cross-Site Request Forgery (CSRF) vulnerability in Projectworlds Online Shopping System in PHP 1.0 In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart. | 4.3 |
| 2021-05-17 | CVE-2020-29205 | Cross-site Scripting vulnerability in Projectworlds Travel Management System 1.0 XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field | 6.1 |