Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projectworlds vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43014
Asset Management System v1.0 is vulnerable to an Authenticated SQL Injection vulnerability on the 'first_name' and 'last_name' parameters of user.php page, allowing an authenticated malicious user to dump all the contents of the database contents.
Projectworlds Asset Management System 1.0
NA
CVE-2023-5185
Gym Management System Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'file' parameter of profile/i.php page, allowing an authenticated malicious user to obtain Remote Code Execution on the server hosting the application.
Projectworlds Gym Management System Project 1.0
NA
CVE-2023-43740
Online Book Store Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'image' parameter of admin_edit.php page, allowing an authenticated malicious user to obtain Remote Code Execution on the server hosting the application.
Projectworlds Online Book Store Project 1.0
NA
CVE-2023-5053
Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
Projectworlds Hospital Management System In Php 2018-06-17
NA
CVE-2023-44173
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site Scripting vulnerability.
Projectworlds Online Movie Ticket Booking System 1.0
NA
CVE-2023-43013
Asset Management System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'email' parameter of index.php page, allowing an external malicious user to dump all the contents of the database contents and bypass the login control.
Projectworlds Asset Management System 1.0
NA
CVE-2023-5004
Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.
Projectworlds Hospital Management System In Php 2018-06-17
NA
CVE-2023-43144
Projectworldsl Assets-management-system-in-php 1.0 is vulnerable to SQL Injection via the "id" parameter in delete.php.
Projectworlds Asset Management System Project In Php 1.0
1 Github repository
NA
CVE-2023-37152
Projectworlds Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. Note: This has been disputed as not a valid vulnerability.
Online Art Gallery Project Online Art Gallery 1.0
NA
CVE-2020-29168
SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows malicious users to gain sensitive information via the q parameter to the getuser.php endpoint.
Online Doctor Appointment Booking System Php And Mysql Project Online Doctor Appointment Booking System Php And Mysql 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »