671 matches found
PT-2025-43883
Name of the Vulnerable Software and Affected Versions projectworlds Expense Management System version 1.0 Description A security flaw exists in projectworlds Expense Management System 1.0. The issue involves cross site scripting and affects an unknown function within the /public/admin/roles/creat...
PT-2025-43881
Name of the Vulnerable Software and Affected Versions projectworlds Gate Pass Management System version 1.0 Description A flaw exists in projectworlds Gate Pass Management System that allows for cross site scripting. The issue is located in an unknown function within the /add-pass.php file. This...
PT-2025-43893
Name of the Vulnerable Software and Affected Versions projectworlds Advanced Library Management System version 1.0 Description A flaw exists in projectworlds Advanced Library Management System that allows for remote code execution through SQL injection. Manipulation of the keywords argument withi...
PT-2025-43886
Name of the Vulnerable Software and Affected Versions projectworlds Expense Management System version 1.0 Description A security issue exists in the Expense Categories Page component of projectworlds Expense Management System. The issue involves an unknown function within the /public/admin/expens...
PT-2025-43885
Name of the Vulnerable Software and Affected Versions projectworlds Expense Management System version 1.0 Description A weakness exists in projectworlds Expense Management System version 1.0 that allows for cross site scripting. The issue impacts an unknown function within the Currency Page...
EUVD-2025-33866
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2025-11604 projectworlds Online Ordering Food System all-orders.php sql injection
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2025-11604
CVE-2025-11604 affects ProjectWorlds Online Ordering Food System 1.0. The vulnerability arises from improper handling of the Status parameter in /all-orders.php, allowing an SQL injection via remote exploitation. Public exploit disclosed. Multiple sources (NVD, Red Hat, EUVD, CNNVD, CVE listing) ...
CVE-2025-11604 projectworlds Online Ordering Food System all-orders.php sql injection
A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This manipulation of the argument Status causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly...
PT-2025-41690
Name of the Vulnerable Software and Affected Versions ProjectWorlds Online Ordering Food System version 1.0 Description A SQL injection issue exists due to improper processing of the Status argument in the /all-orders.php file. Remote exploitation is possible. The exploit has been publicly...
Projectworlds Online Ordering Food System SQL注入漏洞
Projectworlds Online Ordering Food System is an online ordering food system from Projectworlds. A SQL injection vulnerability exists in Projectworlds Online Ordering Food System version 1.0, which stems from an incorrect manipulation of the parameter Status in the file /all-orders.php, which coul...
CVE-2025-11557 projectworlds Gate Pass Management System add-pass.php sql injection
A vulnerability has been found in projectworlds Gate Pass Management System 1.0. This issue affects some unknown processing of the file /add-pass.php. Such manipulation of the argument fullname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the publ...
CVE-2025-60311
ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection via the "id" parameter in the profile/edit.php page...
CVE-2025-11475 projectworlds Advanced Library Management System view_member.php sql injection
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing a manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...
CVE-2025-11475 projectworlds Advanced Library Management System view_member.php sql injection
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing a manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...
CVE-2025-11475
CVE-2025-11475 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in the /view_member.php endpoint where manipulating the user_id parameter enables SQL injection, with remote exploitation and publicly disclosed exploit. Impact is high/critical per sources, includin...
CVE-2025-11426 projectworlds Advanced Library Management System edit_book.php unrestricted upload
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...
CVE-2025-11426 projectworlds Advanced Library Management System edit_book.php unrestricted upload
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...
CVE-2025-11426
CVE-2025-11426 affects projectworlds Advanced Library Management System 1.0. The root cause is manipulation of the image argument in /edit_book.php, yielding unrestricted remote upload. Exploitation status: public exploit is available; multiple sources confirm remote attack possible and unrestric...
Projectworlds Advanced Library Management System 安全漏洞
Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A security vulnerability exists in Projectworlds Advanced Library Management System version 1.0, which stems from an incorrect manipulation of the parameter userid in the file...