Lucene search
K
ProjectworldsAdvanced Library Management System

17 matches found

CVE
CVE
added 2025/12/11 5:2 p.m.21 views

CVE-2025-14527

CVE-2025-14527 affects projectworlds Advanced Library Management System 1.0. The vulnerability is a SQL injection in the unknown-code path of /view_book.php triggered by manipulating the book_id parameter. It is exploitable remotely and has public exploit availability; multiple sources confirm re...

9.8CVSS7.3AI score0.00339EPSS
CVE
CVE
added 2025/10/08 1:2 p.m.18 views

CVE-2025-11475

CVE-2025-11475 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in the /view_member.php endpoint where manipulating the user_id parameter enables SQL injection, with remote exploitation and publicly disclosed exploit. Impact is high/critical per sources, includin...

9.8CVSS7.2AI score0.00387EPSS
CVE
CVE
added 2025/10/08 2:32 a.m.17 views

CVE-2025-11425

CVE-2025-11425 affects projectworlds Advanced Library Management System 1.0, with an XSS vulnerability in the /edit_admin.php handling of the firstname parameter. The issue is exploitable remotely and has publicly available exploits. Other parameters may be affected as well. Authored/verified rep...

4.8CVSS3.2AI score0.00241EPSS
CVE
CVE
added 2025/11/17 12:2 p.m.17 views

CVE-2025-13278

CVE-2025-13278 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in the file /borrowed_book_search.php where manipulating the datefrom/dateto parameters enables SQL injection. The attack can be launched remotely, and exploit details have been publicly disclosed. R...

8.8CVSS6.5AI score0.00313EPSS
Web
CVE
CVE
added 2025/11/23 11:2 p.m.16 views

CVE-2025-13572

The CVE-2025-13572 entry affects projectworlds Advanced Library Management System 1.0, with a vulnerability in the /delete_admin.php path where manipulating the admin_id parameter enables SQL injection. Remote exploitation is possible and an exploit is publicly available. Several sources corrobor...

9.8CVSS6.7AI score0.00385EPSS
CVE
CVE
added 2025/11/16 11:32 p.m.15 views

CVE-2025-13253

CVE-2025-13253 affects projectworlds Advanced Library Management System 1.0. A SQL injection vulnerability exists in the /add_librarian.php file due to manipulation of the Username parameter. This can be exploited remotely and the exploit has been publicly disclosed. Multiple sources corroborate ...

8.8CVSS6.6AI score0.00313EPSS
CVE
CVE
added 2025/11/17 1:2 a.m.15 views

CVE-2025-13256

CVE-2025-13256 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in an unknown function of /borrow.php where manipulating the argument roll_number can cause SQL injection. The flaw can be exploited remotely, and public exploits are available. The connected documen...

8.8CVSS6.4AI score0.00313EPSS
CVE
CVE
added 2025/10/08 3:2 a.m.14 views

CVE-2025-11426

CVE-2025-11426 affects projectworlds Advanced Library Management System 1.0. The root cause is manipulation of the image argument in /edit_book.php, yielding unrestricted remote upload. Exploitation status: public exploit is available; multiple sources confirm remote attack possible and unrestric...

8.8CVSS6.2AI score0.00302EPSS
CVE
CVE
added 2025/10/27 6:22 a.m.14 views

CVE-2025-12237

The CVE-2025-12237 entry concerns projectworlds Advanced Library Management System 1.0. A vulnerability exists in the /index.php file where manipulating the keywords parameter enables SQL injection. The flaw is remotely exploitable, and public exploit code is available. Connected sources corrobor...

9.8CVSS7.3AI score0.00434EPSS
CVE
CVE
added 2025/11/23 11:32 p.m.14 views

CVE-2025-13573

CVE-2025-13573 concerns a vulnerability in Projectworlds’ add_book.php where manipulating the image parameter enables unrestricted file uploads. The issue is in unknown code for /add_book.php and is exploitable remotely, with public exploits available. The provided documents do not specify affect...

8.8CVSS6.5AI score0.00304EPSS
CVE
CVE
added 2025/12/08 3:2 a.m.14 views

CVE-2025-14212

CVE-2025-14212 affects projectworlds Advanced Library Management System 1.0. Affected functionality is at /member_search.php where manipulating the roll_number parameter can trigger a SQL injection. Exploitation is possible remotely, and an exploit has been published. The issue is corroborated ac...

9.8CVSS7.2AI score0.00339EPSS
CVE
CVE
added 2025/12/12 6:32 p.m.14 views

CVE-2025-14570

CVE-2025-14570 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in the file routes involving the parameter that controls the admin ID (notably /view_admin.php or /view admin.php in variants) where improper handling/manipulation of the admin_id parameter enables S...

9.8CVSS6.6AI score0.00399EPSS
CVE
CVE
added 2025/12/08 2:2 a.m.13 views

CVE-2025-14210

CVE-2025-14210 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in the /delete_member.php file where manipulation of the user_id parameter enables SQL injection. Attacks are remote and the exploit has been publicly disclosed. Impact is high/critical per CVSS vect...

9.8CVSS6.7AI score0.00339EPSS
CVE
CVE
added 2025/12/12 6:32 p.m.13 views

CVE-2025-14571

The CVE-2025-14571 entry affects Projectworlds Advanced Library Management System 1.0, specifically the /borrow_book.php functionality. The vulnerability arises from manipulation of the roll_number argument, leading to SQL injection. It is exploitable remotely and an exploit has been disclosed pu...

9.8CVSS6.8AI score0.00399EPSS
CVE
CVE
added 2025/11/17 12:32 a.m.12 views

CVE-2025-13255

CVE-2025-13255 affects Projectworlds Advanced Library Management System 1.0. The vulnerability is a SQL injection in the /book_search.php handler, triggered by manipulating the book_pub/book_title argument. The issue is exploitable remotely and an exploit has been released publicly. Affected comp...

8.8CVSS6.4AI score0.00371EPSS
Web
CVE
CVE
added 2025/11/17 12:2 a.m.11 views

CVE-2025-13254

CVE-2025-13254 affects projectworlds Advanced Library Management System 1.0. The vulnerability is in the unknown code path of /add_member.php where manipulation of the roll_number parameter enables SQL injection. Exploitation may be remote and public exploitation is indicated by the sources. The ...

8.8CVSS6.5AI score0.00313EPSS
CVE
CVE
added 2025/12/08 2:32 a.m.10 views

CVE-2025-14211

CVE-2025-14211 affects the projectworlds Advanced Library Management System 1.0. The vulnerability is in an unknown functionality of the file /delete_book.php, where manipulating the argument book_id yields a SQL injection. The issue is remotely exploitable and, per connected sources, the exploit...

9.8CVSS7.3AI score0.00339EPSS