283 matches found
CVE-2025-6136
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertPayment.php. The manipulation of the argument reciptno leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-6136
Projectworlds Life Insurance Management System 1.0 contains a SQL injection in /insertPayment.php caused by manipulating the recipt_no parameter. This vulnerability can be exploited remotely and has had publicly disclosed exploits. Mitigation available in the connected PT-2025-25584 entry suggest...
CVE-2025-6136 Projectworlds Life Insurance Management System insertPayment.php sql injection
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertPayment.php. The manipulation of the argument reciptno leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-6136 Projectworlds Life Insurance Management System insertPayment.php sql injection
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertPayment.php. The manipulation of the argument reciptno leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-6135
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /insertNominee.php. The manipulation of the argument clientid/nomineeid leads to sql injection. The attack can be initiated...
CVE-2025-6135 Projectworlds Life Insurance Management System insertNominee.php sql injection
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /insertNominee.php. The manipulation of the argument clientid/nomineeid leads to sql injection. The attack can be initiated...
CVE-2025-6135 Projectworlds Life Insurance Management System insertNominee.php sql injection
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /insertNominee.php. The manipulation of the argument clientid/nomineeid leads to sql injection. The attack can be initiated...
CVE-2025-6135
CVE-2025-6135 affects Projectworlds Life Insurance Management System v1.0. The vulnerability resides in /insertNominee.php, where manipulation of the arguments client_id/nominee_id enables SQL injection. Reports indicate remote exploitation with the exploit disclosed publicly. Affected components...
CVE-2025-6134 Projectworlds Life Insurance Management System insertClient.php sql injection
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /insertClient.php. The manipulation of the argument clientid leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2025-6134
Projectworlds Life Insurance Management System 1.0 contains a SQL injection vulnerability in /insertClient.php, caused by manipulation of the client_id parameter. Remote exploitation is possible, and public disclosures exist. Other parameters may be affected. Connected sources note a remediation ...
CVE-2025-6134 Projectworlds Life Insurance Management System insertClient.php sql injection
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /insertClient.php. The manipulation of the argument clientid leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2025-6133
A vulnerability was found in Projectworlds Life Insurance Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /insertagent.php. The manipulation of the argument agentid leads to sql injection. The attack may be launched remotely. The...
CVE-2025-6133 Projectworlds Life Insurance Management System insertagent.php sql injection
A vulnerability was found in Projectworlds Life Insurance Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /insertagent.php. The manipulation of the argument agentid leads to sql injection. The attack may be launched remotely. The...
CVE-2025-6133
Projectworlds Life Insurance Management System 1.0 contains a SQL injection in /insertagent.php via the agent_id parameter. The vulnerability, described as critical, may be exploitable remotely and is supported by publicly disclosed PoCs. Multiple connected sources confirm the issue without a kno...
PT-2025-25579 · Unknown · Projectworlds Life Insurance Management System
Name of the Vulnerable Software and Affected Versions: Projectworlds Life Insurance Management System version 1.0 Description: A critical issue was found in the system, affecting some unknown functionality of the file /insertagent.php. The manipulation of the agent id argument leads to SQL...
PT-2025-25582 · Unknown · Projectworlds Life Insurance Management System
Name of the Vulnerable Software and Affected Versions: Projectworlds Life Insurance Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file /insertClient.php. The manipulation of the client id argument leads to SQL injection. It i...
PT-2025-25584 · Unknown · Projectworlds Life Insurance Management System
Name of the Vulnerable Software and Affected Versions: Projectworlds Life Insurance Management System version 1.0 Description: A critical issue affects the processing of the file "/insertPayment.php". The manipulation of the argument recipt no leads to SQL injection. The attack may be initiated...
CVE-2024-7916
A vulnerability classified as problematic was found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this vulnerability is an unknown functionality of the file addNominee.php of the component Add Nominee Page. The manipulation of the argument Nominee-Client ID leads to cro...
CVE-2024-31502
An issue in Insurance Management System v.1.0.0 and before allows a remote attacker to escalate privileges via a crafted POST request to /admin/core/newstaff...
CVE-2024-31648
Cross Site Scripting XSS in Insurance Management System v1.0, allows remote attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter at /core/newcategory2...