Filtered by vendor Projectworlds
Subscribe
Total
90 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-45852 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php. | |||||
CVE-2021-43156 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book. | |||||
CVE-2021-46307 | 1 Projectworlds | 1 Online Examination System | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php. | |||||
CVE-2021-43157 | 1 Projectworlds | 1 Online Shopping System In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. | |||||
CVE-2021-46024 | 1 Projectworlds | 1 Online-shopping-webvsite-in-php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is required. | |||||
CVE-2021-43155 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php. | |||||
CVE-2021-44866 | 1 Projectworlds | 1 Online Movie Ticket Booking System | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database. | |||||
CVE-2021-43158 | 1 Projectworlds | 1 Online Shopping System In Php | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart. | |||||
CVE-2021-43630 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in add_patient.php. As a result, an authenticated malicious user can compromise the databases system and in some cases leverage this vulnerability to get remote code execution on the remote web server. | |||||
CVE-2021-43629 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php. | |||||
CVE-2021-43628 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. | |||||
CVE-2021-43631 | 1 Projectworlds | 1 Hospital Management System In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php. | |||||
CVE-2020-19114 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection vulnerability in Online Book Store v1.0 via the publisher parameter to edit_book.php, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2020-19111 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote mailicious user bypass authentication and obtain sensitive information. | |||||
CVE-2020-19108 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection vulnerability in Online Book Store v1.0 via the pubid parameter to bookPerPub.php, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2020-19107 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection vulnerability in Online Book Store v1.0 via the isbn parameter to edit_book.php, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2020-19110 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2020-19112 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_delete.php, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2020-19109 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2020-19113 | 1 Projectworlds | 1 Online Book Store Project In Php | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution. |