CVE-2020-25760

Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database...

CVE-2020-25760

CVE-2020-25760 affects Projectworlds Visitor Management System in PHP 1.0. Connected sources confirm a SQL Injection in front.php caused by lack of input validation on the rid parameter, enabling an attacker to append queries and potentially extract sensitive data. The vulnerability is documented...

PT-2020-16187

Name of the Vulnerable Software and Affected Versions Projectworlds Visitor Management System in PHP version 1.0 Description The issue allows for cross-site scripting XSS attacks due to a lack of input validation on request parameters in the myform.php file. An attacker can inject javascript...

PT-2020-16186

Name of the Vulnerable Software and Affected Versions Projectworlds Visitor Management System version 1.0 Description The issue allows for SQL Injection due to a lack of input validation on the rid parameter in the front.php file. This enables an attacker to append SQL queries to the input,...

Projectworlds House Rental SQL Injection Vulnerability

Projectworlds House Rental is a system used by the Projectworlds organization for house rental functionality. version 1.0 of Projectworlds House Rental is vulnerable to SQL injection, which can be exploited by remote attackers to make POST requests via a malicious index.php...

CVE-2020-23833

Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request...

CVE-2020-23833

Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request...

CVE-2020-23833

CVE-2020-23833 affects Projectworlds House Rental v1.0. The vulnerability is an unauthenticated SQL Injection via a malicious POST to index.php, enabling remote attackers to execute arbitrary code on the hosting webserver. Root cause: insufficient input validation allowing SQL injection. Impact i...

CVE-2020-24115

In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access...

CVE-2020-24115

In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access...

Online Book Store 1.0 Arbitrary File Upload

Exploit Title: Online Book Store 1.0 - Arbitrary File Upload Google Dork: N/A Date: 2020-01-16 Exploit Author: Or4nG.M4n aka S4udiExploit Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...