Lucene search
K

672 matches found

CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

Projectworlds Hospital Management System 注入漏洞

Projectworlds Hospital Management System is a hospital management system developed by the Austrian company Projectworlds. Version 1.0 of the Projectworlds Hospital Management System has a SQL injection vulnerability. This vulnerability arises from the function getAllPatientDetail in the GET...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References1
CVE
CVE
added 2026/04/06 10:15 a.m.17 views

CVE-2026-5645

CVE-2026-5645 affects the projectworlds Car Rental System 1.0. The vulnerability is in the Parameter Handler’s file /pay.php , where manipulating the mpesa argument can cause an SQL injection . The attack can be launched remotely, and the exploit has been made publicly available, with exploit mat...

7.5CVSS6.9AI score0.00274EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/06 10:15 a.m.4 views

CVE-2026-5645 projectworlds Car Rental System Parameter pay.php sql injection

A weakness has been identified in projectworlds Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /pay.php of the component Parameter Handler. Executing a manipulation of the argument mpesa can lead to sql injection. The attack can be launched remotely...

7.5CVSS6.9AI score0.00274EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/06 10:15 a.m.30 views

CVE-2026-5645 projectworlds Car Rental System Parameter pay.php sql injection

A weakness has been identified in projectworlds Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /pay.php of the component Parameter Handler. Executing a manipulation of the argument mpesa can lead to sql injection. The attack can be launched remotely...

7.5CVSS0.00274EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/06 8:15 a.m.27 views

CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS0.00259EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/06 8:15 a.m.2 views

CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4
CVE
CVE
added 2026/04/06 8:15 a.m.15 views

CVE-2026-5637

CVE-2026-5637 affects projectworlds Car Rental System 1.0. The vulnerability lies in the Parameter Handler’s unknown code path that manipulates the Message argument in /message_admin.php, leading to an SQL injection. It can be exploited remotely, and the exploit has been disclosed publicly (explo...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/06 7:30 a.m.27 views

CVE-2026-5634 projectworlds Car Rental Project Parameter book_car.php sql injection

A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /bookcar.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...

7.5CVSS0.00259EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/06 7:30 a.m.3 views

CVE-2026-5634 projectworlds Car Rental Project Parameter book_car.php sql injection

A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /bookcar.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4
CVE
CVE
added 2026/04/06 7:30 a.m.10 views

CVE-2026-5634

CVE-2026-5634 affects the Projectworlds Car Rental Project 1.0. The vulnerability targets an unknown function in the file /book_car.php (Parameter Handler). Manipulating the fname argument results in a SQL injection, with remote, publicly available exploit code. The CVSS metrics in the connected ...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.7 views

Projectworlds Car Rental Project SQL注入漏洞

Projectworlds Car Rental Project is a car rental project of the Indian company Projectworlds. Version 1.0 of the Projectworlds Car Rental Project has a SQL injection vulnerability, which arises from improper handling of the parameter fname in the file/bookcar.php, potentially leading to SQL...

7.5CVSS7.2AI score0.00259EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.5 views

PT-2026-30583

A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /message admin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5
CVE
CVE
added 2026/04/02 5:15 p.m.12 views

CVE-2026-5368

CVE-2026-5368 affects projectworlds Car Rental Project 1.0. The vulnerable element is an unknown function in the file /login.php of the Parameter Handler; manipulating the uname argument enables an SQL injection. Exploitation is remote and has been publicly disclosed. Multiple sources (NVD, Red H...

9.8CVSS6.8AI score0.00333EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/04/02 5:15 p.m.19 views

CVE-2026-5368 projectworlds Car Rental Project Parameter login.php sql injection

A vulnerability was determined in projectworlds Car Rental Project 1.0. The affected element is an unknown function of the file /login.php of the component Parameter Handler. This manipulation of the argument uname causes sql injection. Remote exploitation of the attack is possible. The exploit h...

7.5CVSS0.00333EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/02 5:15 p.m.1 views

CVE-2026-5368 projectworlds Car Rental Project Parameter login.php sql injection

A vulnerability was determined in projectworlds Car Rental Project 1.0. The affected element is an unknown function of the file /login.php of the component Parameter Handler. This manipulation of the argument uname causes sql injection. Remote exploitation of the attack is possible. The exploit h...

7.5CVSS6.8AI score0.00333EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

Projectworlds Car Rental Project SQL注入漏洞

Projectworlds Car Rental Project is a car rental project of the Indian company Projectworlds. Version 1.0 of the Projectworlds Car Rental Project has a SQL injection vulnerability. This vulnerability stems from incorrect operations with the parameter uname in the Parameter Handler component of th...

9.8CVSS7.2AI score0.00333EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.6 views

CVE-2026-4626

A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyerbooking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...

5.1CVSS4AI score0.00185EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/24 2:46 a.m.1 views

CVE-2026-4626 projectworlds Lawyer Management System lawyer_booking.php cross site scripting

A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyerbooking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...

5.1CVSS4AI score0.00185EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/24 2:46 a.m.25 views

CVE-2026-4626 projectworlds Lawyer Management System lawyer_booking.php cross site scripting

A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyerbooking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...

5.1CVSS0.00185EPSS
Exploits1References4
CVE
CVE
added 2026/03/24 2:46 a.m.16 views

CVE-2026-4626

CVE-2026-4626 affects the projectworlds Lawyer Management System 1.0. The vulnerability is a cross-site scripting (XSS) flaw triggered by manipulating the Description argument in the /lawyer_booking.php endpoint (also referred to as /lawyer booking.php in other sources). The issue is exploitable ...

5.4CVSS4AI score0.00185EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder