EUVD-2020-18411

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Projectworlds Visitor Management System allows SQL Injection via unvalidated 'rid' parameter in front.php

Reporter	Title	Published	Views	Family All 10
CVE	CVE-2020-25760	29 Sep 202019:00	–	cve
Cvelist	CVE-2020-25760	29 Sep 202019:00	–	cvelist
Exploit DB	Visitor Management System in PHP 1.0 - SQL Injection (Authenticated)	20 Oct 202000:00	–	exploitdb
NVD	CVE-2020-25760	30 Sep 202018:15	–	nvd
OSV	CVE-2020-25760	30 Sep 202018:15	–	osv
Packet Storm	Visitor Management System In PHP 1.0 SQL Injection	22 Sep 202000:00	–	packetstorm
Packet Storm	Visitor Management System In PHP 1.0 SQL Injection	20 Oct 202000:00	–	packetstorm
Prion	Sql injection	30 Sep 202018:15	–	prion
Positive Technologies	PT-2020-16186	29 Sep 202000:00	–	ptsecurity
RedhatCVE	CVE-2020-25760	22 May 202516:18	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "e4f6692f-0f7a-346b-a665-8ea42aae42da",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "6af980d0-2436-3c88-ba75-8a7166769419",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2020-25760
seclists	www.seclists.org/fulldisclosure/2020/Sep/43
packetstormsecurity	www.packetstormsecurity.com/files/159262/Visitor-Management-System-In-PHP-1.0-SQL-Injection.html
packetstormsecurity	www.packetstormsecurity.com/files/author/15149/
packetstormsecurity	www.packetstormsecurity.com/files/159637/Visitor-Management-System-In-PHP-1.0-SQL-Injection.html
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

8.5High risk

Vulners AI Score8.5

CVSS 3.18.8

CVSS 26.5

EPSS0.00366