671 matches found
CVE-2021-43158
In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cartremove.php allows a remote attacker to remove any product in the customer's cart...
CVE-2021-43631
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...
CVE-2021-43156
In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admindelete.php allows a remote attacker to delete any book...
CVE-2021-43628
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...
Cross site request forgery (csrf)
In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cartremove.php allows a remote attacker to remove any product in the customer's cart...
Sql injection
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...
Cross site request forgery (csrf)
In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admindelete.php allows a remote attacker to delete any book...
CVE-2021-43158
In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cartremove.php allows a remote attacker to remove any product in the customer's cart...
CVE-2021-43158
CVE-2021-43158 refers to a CSRF vulnerability in the ProjectWorlds Online Shopping System PHP 1.0, specifically in cart_remove.php, that enables a remote attacker to remove any product from a customer’s cart. The vulnerability is documented across multiple sources (NVD entry and CNVD/CVE records)...
CVE-2021-43156
The CVE-2021-43156 entry affects ProjectWorlds Online Book Store PHP 1.0, where a CSRF flaw in admin_delete.php allows a remote attacker to delete any book. The connected documents consistently describe this CSRF vulnerability in the admin_delete.php endpoint as the root cause, with impact limite...
CVE-2021-43156
In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admindelete.php allows a remote attacker to delete any book...
CVE-2021-43631
CVE-2021-43631 affects Projectworlds Hospital Management System v1.0. It is vulnerable to SQL injection via the appointment_no parameter in payment.php, allowing potentially arbitrary SQL execution and access to sensitive database data. Documents consistently describe the issue but do not provide...
CVE-2021-43631
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointmentno parameter in payment.php...
CVE-2021-43629
Projectworlds Hospital Management System v1.0 is affected by an SQL injection in admin_home.php via multiple parameters. Root cause: improper handling of user input enables SQL commands to be executed. Impact: potential disclosure of sensitive database data (high/critical risk per cited CVSS). Ex...
CVE-2021-43628
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...
CVE-2021-43628
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. The issue, documented across multiple sources (NVD/CNVD/CNNVD), indicates improper input handling that allows attackers to manipulate SQL queries. Root cause: unsafeguarded user ...
Projectworlds Online Shopping System SQL注入漏洞
Projectworlds Online Shopping System is an online shopping system from Projectworlds Austria. v1.0 of ProjectWorlds Online Shopping System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
Projectworlds Hospital Management System SQL注入漏洞
Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. v1.0 of Projectworlds Hospital Management System is vulnerable to SQL injection, which can be exploited by attackers to Execute illegal SQL commands to steal sensitive database data...
Projectworlds Hospital Management System SQL注入漏洞
Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria.Projectworlds Hospital Management System is vulnerable to SQL injection, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data...
Projectworlds Online Book Store Project In Php 跨站请求伪造漏洞
Projectworlds Online Book Store Project In Php is a Php-based online bookstore system from the Austrian company Projectworlds. A security vulnerability exists in Projectworlds Online Book Store Project In Php version 1.0, which can be exploited by an attacker to delete any book from the system...