Projectworlds Expense Management System 安全漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A security vulnerability exists in Projectworlds Expense Management System version 1.0, which stems from an incorrect manipulation of the file /public/admin/expensecategories/create, and could...

Projectworlds Online Shopping System SQL注入漏洞

Projectworlds Online Shopping System is an online shopping system from the Austrian company Projectworlds. A SQL injection vulnerability exists in Projectworlds Online Shopping System version 1.0, which stems from a misuse of the parameter keywords in the file /loginsubmit.php, which could lead t...

PT-2025-43893

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System that allows for remote code execution through SQL injection. Manipulation of the keywords argument withi...

Projectworlds Expense Management System 代码注入漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in Projectworlds Expense Management System version 1.0, which stems from an incorrect manipulation of an unknown function in the file...

PT-2025-43883

Name of the Vulnerable Software and Affected Versions projectworlds Expense Management System version 1.0 Description A security flaw exists in projectworlds Expense Management System 1.0. The issue involves cross site scripting and affects an unknown function within the /public/admin/roles/creat...

EUVD-2025-33866

A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2025-11604

CVE-2025-11604 affects ProjectWorlds Online Ordering Food System 1.0. The vulnerability arises from improper handling of the Status parameter in /all-orders.php, allowing an SQL injection via remote exploitation. Public exploit disclosed. Multiple sources (NVD, Red Hat, EUVD, CNNVD, CVE listing) ...

CVE-2025-11604 projectworlds Online Ordering Food System all-orders.php sql injection

A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

CVE-2025-11604 projectworlds Online Ordering Food System all-orders.php sql injection

A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...

PT-2025-41690

Name of the Vulnerable Software and Affected Versions ProjectWorlds Online Ordering Food System version 1.0 Description A SQL injection issue exists due to improper processing of the Status argument in the /all-orders.php file. Remote exploitation is possible. The exploit has been publicly...

Projectworlds Online Ordering Food System SQL注入漏洞

Projectworlds Online Ordering Food System is an online ordering food system from Projectworlds. A SQL injection vulnerability exists in Projectworlds Online Ordering Food System version 1.0, which stems from an incorrect manipulation of the parameter Status in the file /all-orders.php, which coul...

CVE-2025-11557 projectworlds Gate Pass Management System add-pass.php sql injection

A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...

CVE-2025-60311

ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection via the "id" parameter in the profile/edit.php page...

CVE-2025-11475 projectworlds Advanced Library Management System view_member.php sql injection

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing a manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...

CVE-2025-11475

CVE-2025-11475 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in the /view_member.php endpoint where manipulating the user_id parameter enables SQL injection, with remote exploitation and publicly disclosed exploit. Impact is high/critical per sources, includin...

CVE-2025-11475 projectworlds Advanced Library Management System view_member.php sql injection

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing a manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...

CVE-2025-11426 projectworlds Advanced Library Management System edit_book.php unrestricted upload

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...

CVE-2025-11426 projectworlds Advanced Library Management System edit_book.php unrestricted upload

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...

CVE-2025-11426

CVE-2025-11426 affects projectworlds Advanced Library Management System 1.0. The root cause is manipulation of the image argument in /edit_book.php, yielding unrestricted remote upload. Exploitation status: public exploit is available; multiple sources confirm remote attack possible and unrestric...

PT-2025-41252

Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System that allows for remote code execution. The issue is related to the manipulation of the user id argument...