Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projectworlds vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-48433
Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the login_action.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Voting System Project 1.0
9.8
CVSSv3
CVE-2023-48434
Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the reg_action.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Voting System Project 1.0
7.2
CVSSv3
CVE-2020-11544
An issue exists in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via add_cars.php. There are no upload rest...
Projectworlds Official Car Rental System 1.0
9.8
CVSSv3
CVE-2020-11545
Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php) This allows an malicious user to dump the MySQL database a...
Projectworlds Official Car Rental System 1.0
9.8
CVSSv3
CVE-2023-48716
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_id' parameter of the add_classes.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Student Result Management System 1.0
8.8
CVSSv3
CVE-2023-43740
Online Book Store Project v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'image' parameter of admin_edit.php page, allowing an authenticated malicious user to obtain Remote Code Execution on the server hosting the application.
Projectworlds Online Book Store Project 1.0
9.8
CVSSv3
CVE-2024-22922
An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe malicious user to escalate privileges via a crafted script to the login page in the POST/index.php
Projectworlds Visitor Management System In Php 1.0
7.5
CVSSv3
CVE-2021-44866
An issue exists in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database.
Projectworlds Online Movie Ticket Booking System 1.0
9.8
CVSSv3
CVE-2021-46024
Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is required.
Projectworlds Online-shopping-webvsite-in-php 1.0
9.8
CVSSv3
CVE-2023-44163
The 'search' parameter of the process_search.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Movie Ticket Booking System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »