CVE-2025-12229 projectworlds Expense Management System Roles Page create cross site scripting

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2025-12229

Projectworlds Expense Management System 1.0 is reportedly vulnerable to cross-site scripting via the /public/admin/roles/create function in the Roles Page. Affected component is the Roles Page, with the root cause described as manipulation of an unknown function in that file. The vulnerability en...

CVE-2025-12228 projectworlds Expense Management System Users Page create cross site scripting

A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-12228 projectworlds Expense Management System Users Page create cross site scripting

A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-12228

CVE-2025-12228 affects projectworlds Expense Management System 1.0. The flaw is in an unknown function of the file /public/admin/users/create on the Users Page, resulting in cross-site scripting (XSS) . Exploitation is described as remote, with publicly available exploit code. Multiple connected ...

CVE-2025-12227 projectworlds Gate Pass Management System add-pass.php cross site scripting

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

CVE-2025-12227 projectworlds Gate Pass Management System add-pass.php cross site scripting

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

CVE-2025-12227

Projectworlds Gate Pass Management System 1.0 is affected by a cross-site scripting vulnerability in an unknown function within /add-pass.php. The issue can be exploited remotely, with public disclosure of the exploit noted in multiple feeds. The root cause is described as an unknown function in ...

CVE-2025-12215

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-12215

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

EUVD-2025-36078

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-12215 projectworlds Online Shopping System login_submit.php sql injection

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-12215 projectworlds Online Shopping System login_submit.php sql injection

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-12215

CVE-2025-12215 affects projectworlds Online Shopping System 1.0, specifically the /login_submit.php file. The issue is an input handling flaw where manipulating the keywords argument enables SQL injection. The vulnerability is remote and has had exploits published. Multiple sources flag high risk...

PT-2025-43885

Name of the Vulnerable Software and Affected Versions projectworlds Expense Management System version 1.0 Description A weakness exists in projectworlds Expense Management System version 1.0 that allows for cross site scripting. The issue impacts an unknown function within the Currency Page...

projectworlds Expense Management System 代码注入漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in version 1.0 of the projectworlds Expense Management System, which stems from an incorrect manipulation of an unknown function in the file...

Projectworlds Expense Management System 安全漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A security vulnerability exists in Projectworlds Expense Management System version 1.0, which stems from misuse of an unknown function in the file /public/admin/currencies/create, and could lea...

PT-2025-43886

Name of the Vulnerable Software and Affected Versions projectworlds Expense Management System version 1.0 Description A security issue exists in the Expense Categories Page component of projectworlds Expense Management System. The issue involves an unknown function within the /public/admin/expens...

PT-2025-43881

Name of the Vulnerable Software and Affected Versions projectworlds Gate Pass Management System version 1.0 Description A flaw exists in projectworlds Gate Pass Management System that allows for cross site scripting. The issue is located in an unknown function within the /add-pass.php file. This...

PT-2025-43875

Name of the Vulnerable Software and Affected Versions projectworlds Online Shopping System version 1.0 Description A flaw has been identified in projectworlds Online Shopping System 1.0. The issue involves a potential SQL injection affecting an unknown function within the /login submit.php file...