672 matches found
Projectworlds Hospital Management System 注入漏洞
Projectworlds Hospital Management System is a hospital management system developed by the Austrian company Projectworlds. Version 1.0 of the Projectworlds Hospital Management System has a SQL injection vulnerability. This vulnerability arises from the function getAllPatientDetail in the GET...
CVE-2026-5645
CVE-2026-5645 affects the projectworlds Car Rental System 1.0. The vulnerability is in the Parameter Handler’s file /pay.php , where manipulating the mpesa argument can cause an SQL injection . The attack can be launched remotely, and the exploit has been made publicly available, with exploit mat...
CVE-2026-5645 projectworlds Car Rental System Parameter pay.php sql injection
A weakness has been identified in projectworlds Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /pay.php of the component Parameter Handler. Executing a manipulation of the argument mpesa can lead to sql injection. The attack can be launched remotely...
CVE-2026-5645 projectworlds Car Rental System Parameter pay.php sql injection
A weakness has been identified in projectworlds Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /pay.php of the component Parameter Handler. Executing a manipulation of the argument mpesa can lead to sql injection. The attack can be launched remotely...
CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection
A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...
CVE-2026-5637 projectworlds Car Rental System Parameter message_admin.php sql injection
A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /messageadmin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...
CVE-2026-5637
CVE-2026-5637 affects projectworlds Car Rental System 1.0. The vulnerability lies in the Parameter Handler’s unknown code path that manipulates the Message argument in /message_admin.php, leading to an SQL injection. It can be exploited remotely, and the exploit has been disclosed publicly (explo...
CVE-2026-5634 projectworlds Car Rental Project Parameter book_car.php sql injection
A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /bookcar.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...
CVE-2026-5634 projectworlds Car Rental Project Parameter book_car.php sql injection
A vulnerability was identified in projectworlds Car Rental Project 1.0. Affected by this vulnerability is an unknown functionality of the file /bookcar.php of the component Parameter Handler. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The...
CVE-2026-5634
CVE-2026-5634 affects the Projectworlds Car Rental Project 1.0. The vulnerability targets an unknown function in the file /book_car.php (Parameter Handler). Manipulating the fname argument results in a SQL injection, with remote, publicly available exploit code. The CVSS metrics in the connected ...
Projectworlds Car Rental Project SQL注入漏洞
Projectworlds Car Rental Project is a car rental project of the Indian company Projectworlds. Version 1.0 of the Projectworlds Car Rental Project has a SQL injection vulnerability, which arises from improper handling of the parameter fname in the file/bookcar.php, potentially leading to SQL...
PT-2026-30583
A security vulnerability has been detected in projectworlds Car Rental System 1.0. This vulnerability affects unknown code of the file /message admin.php of the component Parameter Handler. Such manipulation of the argument Message leads to sql injection. The attack may be launched remotely. The...
CVE-2026-5368
CVE-2026-5368 affects projectworlds Car Rental Project 1.0. The vulnerable element is an unknown function in the file /login.php of the Parameter Handler; manipulating the uname argument enables an SQL injection. Exploitation is remote and has been publicly disclosed. Multiple sources (NVD, Red H...
CVE-2026-5368 projectworlds Car Rental Project Parameter login.php sql injection
A vulnerability was determined in projectworlds Car Rental Project 1.0. The affected element is an unknown function of the file /login.php of the component Parameter Handler. This manipulation of the argument uname causes sql injection. Remote exploitation of the attack is possible. The exploit h...
CVE-2026-5368 projectworlds Car Rental Project Parameter login.php sql injection
A vulnerability was determined in projectworlds Car Rental Project 1.0. The affected element is an unknown function of the file /login.php of the component Parameter Handler. This manipulation of the argument uname causes sql injection. Remote exploitation of the attack is possible. The exploit h...
Projectworlds Car Rental Project SQL注入漏洞
Projectworlds Car Rental Project is a car rental project of the Indian company Projectworlds. Version 1.0 of the Projectworlds Car Rental Project has a SQL injection vulnerability. This vulnerability stems from incorrect operations with the parameter uname in the Parameter Handler component of th...
CVE-2026-4626
A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyerbooking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2026-4626 projectworlds Lawyer Management System lawyer_booking.php cross site scripting
A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyerbooking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2026-4626 projectworlds Lawyer Management System lawyer_booking.php cross site scripting
A vulnerability has been found in projectworlds Lawyer Management System 1.0. This impacts an unknown function of the file /lawyerbooking.php. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2026-4626
CVE-2026-4626 affects the projectworlds Lawyer Management System 1.0. The vulnerability is a cross-site scripting (XSS) flaw triggered by manipulating the Description argument in the /lawyer_booking.php endpoint (also referred to as /lawyer booking.php in other sources). The issue is exploitable ...