Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projectworlds vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-23833
Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote malicious users to execute arbitrary code on the hosting webserver via a malicious index.php POST request.
Projectworlds House Rental 1.0
6.1
CVSSv3
CVE-2022-42066
Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php.
Projectworlds Online Examination System 1.0
9.8
CVSSv3
CVE-2021-46307
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php.
Projectworlds Online Examination System 1.0
9.8
CVSSv3
CVE-2020-24199
Arbitrary File Upload in the Vehicle Image Upload component in Project Worlds Car Rental Management System v1.0 allows malicious users to conduct remote code execution.
Projectworlds Car Rental Project 1.0
8.8
CVSSv3
CVE-2020-27397
Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote malicious users to gain remote code execution (RCE) on the Hosting web server via uploading a maliciously crafted PHP file.
Projectworlds Online Matrimonial Project 1.0
8.8
CVSSv3
CVE-2023-44480
Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setcasualleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Leave Management System 1.0
8.8
CVSSv3
CVE-2023-44481
Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setearnleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Leave Management System 1.0
8.8
CVSSv3
CVE-2023-44482
Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setsickleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Leave Management System 1.0
8.8
CVSSv3
CVE-2023-45115
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'ch' parameter of the /update.php?q=addqns resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
8.8
CVSSv3
CVE-2023-45116
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database.
Projectworlds Online Examination System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »