Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projectworlds vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-33880
hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter.
Hospital Management System Mini-project Project Hospital Management System Mini-project
9.8
CVSSv3
CVE-2020-29168
SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows malicious users to gain sensitive information via the q parameter to the getuser.php endpoint.
Online Doctor Appointment Booking System Php And Mysql Project Online Doctor Appointment Booking System Php And Mysql 1.0
9.8
CVSSv3
CVE-2021-44095
A SQL injection vulnerability exists in ProjectWorlds Hospital Management System in php 1.0 on login page that allows a remote malicious user to compromise Application SQL database.
Hospital Management System Project Hospital Management System 1.0
NA
CVE-2024-22983
SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote malicious user to escalate privileges via the name parameter in the myform.php endpoint.
9.8
CVSSv3
CVE-2023-37152
Projectworlds Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. Note: This has been disputed as not a valid vulnerability.
Online Art Gallery Project Online Art Gallery 1.0
6.1
CVSSv3
CVE-2020-23832
A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote malicious users to harvest an admin login session cookie and steal an admin session upon an admin login.
Car Rental Management System Project Car Rental Management System 1.0
6.5
CVSSv3
CVE-2020-25408
A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote malicious user to modify, delete, or make a new entry of the student, faculty, teacher, subject, scores, location, and article data.
College Management System Project College Management System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10