Lucene search
K

671 matches found

Vulnrichment
Vulnrichment
added 2025/10/27 5:32 a.m.4 views

CVE-2025-12229 projectworlds Expense Management System Roles Page create cross site scripting

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

4.8CVSS2.9AI score0.00235EPSS
Exploits1References4
CVE
CVE
added 2025/10/27 5:32 a.m.14 views

CVE-2025-12229

Projectworlds Expense Management System 1.0 is reportedly vulnerable to cross-site scripting via the /public/admin/roles/create function in the Roles Page. Affected component is the Roles Page, with the root cause described as manipulation of an unknown function in that file. The vulnerability en...

4.8CVSS2.9AI score0.00235EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/10/27 5:32 a.m.9 views

CVE-2025-12228 projectworlds Expense Management System Users Page create cross site scripting

A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The...

4.8CVSS0.00235EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/10/27 5:32 a.m.3 views

CVE-2025-12228 projectworlds Expense Management System Users Page create cross site scripting

A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The...

4.8CVSS2.7AI score0.00235EPSS
Exploits1References4
CVE
CVE
added 2025/10/27 5:32 a.m.10 views

CVE-2025-12228

CVE-2025-12228 affects projectworlds Expense Management System 1.0. The flaw is in an unknown function of the file /public/admin/users/create on the Users Page, resulting in cross-site scripting (XSS) . Exploitation is described as remote, with publicly available exploit code. Multiple connected ...

4.8CVSS5.2AI score0.00235EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/10/27 5:32 a.m.11 views

CVE-2025-12227 projectworlds Gate Pass Management System add-pass.php cross site scripting

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

5.1CVSS0.00224EPSS
Exploits1References4
CVE
CVE
added 2025/10/27 5:32 a.m.12 views

CVE-2025-12227

Projectworlds Gate Pass Management System 1.0 is affected by a cross-site scripting vulnerability in an unknown function within /add-pass.php. The issue can be exploited remotely, with public disclosure of the exploit noted in multiple feeds. The root cause is described as an unknown function in ...

5.4CVSS3.3AI score0.00224EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/27 5:32 a.m.2 views

CVE-2025-12227 projectworlds Gate Pass Management System add-pass.php cross site scripting

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing a manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may b...

5.1CVSS3.3AI score0.00224EPSS
Exploits1References4
NVD
NVD
added 2025/10/27 4:15 a.m.3 views

CVE-2025-12215

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

9.8CVSS0.00382EPSS
Exploits1References4
OSV
OSV
added 2025/10/27 4:15 a.m.3 views

CVE-2025-12215

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

9.8CVSS5.8AI score0.00382EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/10/27 4:2 a.m.3 views

CVE-2025-12215 projectworlds Online Shopping System login_submit.php sql injection

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

7.5CVSS7.2AI score0.00382EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/10/27 4:2 a.m.11 views

CVE-2025-12215 projectworlds Online Shopping System login_submit.php sql injection

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

7.5CVSS0.00382EPSS
Exploits1References4
CVE
CVE
added 2025/10/27 4:2 a.m.12 views

CVE-2025-12215

CVE-2025-12215 affects projectworlds Online Shopping System 1.0, specifically the /login_submit.php file. The issue is an input handling flaw where manipulating the keywords argument enables SQL injection. The vulnerability is remote and has had exploits published. Multiple sources flag high risk...

9.8CVSS7.2AI score0.00382EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/10/27 4:2 a.m.6 views

EUVD-2025-36078

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

7.5CVSS6.4AI score0.00382EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

Projectworlds Expense Management System 代码注入漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in Projectworlds Expense Management System version 1.0, which stems from an incorrect manipulation of an unknown function in the file...

4.8CVSS4.2AI score0.00235EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.4 views

Projectworlds Expense Management System 安全漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A security vulnerability exists in Projectworlds Expense Management System version 1.0, which stems from misuse of an unknown function in the file /public/admin/currencies/create, and could lea...

4.8CVSS3.8AI score0.00235EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.3 views

Projectworlds Online Shopping System SQL注入漏洞

Projectworlds Online Shopping System is an online shopping system from the Austrian company Projectworlds. A SQL injection vulnerability exists in Projectworlds Online Shopping System version 1.0, which stems from a misuse of the parameter keywords in the file /loginsubmit.php, which could lead t...

9.8CVSS7.8AI score0.00382EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.3 views

projectworlds Expense Management System 代码注入漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A code injection vulnerability exists in version 1.0 of the projectworlds Expense Management System, which stems from an incorrect manipulation of an unknown function in the file...

4.8CVSS4.2AI score0.00235EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.3 views

Projectworlds Expense Management System 安全漏洞

Projectworlds Expense Management System is an open source expense management system from Projectworlds. A security vulnerability exists in Projectworlds Expense Management System version 1.0, which stems from an incorrect manipulation of the file /public/admin/expensecategories/create, and could...

4.8CVSS3.8AI score0.00235EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.6 views

PT-2025-43875

Name of the Vulnerable Software and Affected Versions projectworlds Online Shopping System version 1.0 Description A flaw has been identified in projectworlds Online Shopping System 1.0. The issue involves a potential SQL injection affecting an unknown function within the /login submit.php file...

9.8CVSS7.1AI score0.00382EPSS
Exploits1References11
Rows per page
Query Builder