7 matches found
CVE-2024-51060
CVE-2024-51060 affects Projectworlds Online Admission System v1. The vulnerability is a SQL Injection in the file index.php reachable via the a_id parameter. The data shows a high-severity, network-exploitable issue with potential impact on confidentiality and integrity (CVSS 3.1 base score 9.1)....
CVE-2025-8471
CVE-2025-8471 affects projectworlds Online Admission System 1.0. A SQL injection vulnerability exists in adminlogin.php via the a_id parameter, reportedly exploitable remotely; PoCs and public exploits (e.g., ExploitDB, PacketStorm) describe two-stage and time-based payloads. No official fix/vers...
CVE-2025-8247
CVE-2025-8247 affects Projectworlds Online Admission System 1.0. The vulnerability is an SQL injection in the /admin.php file caused by manipulation of the parameter markof. Exploitation can be performed remotely; multiple sources note the exploit has been publicly disclosed. The issue is tied to...
CVE-2025-8496
CVE-2025-8496 affects projectworlds Online Admission System 1.0. The vulnerability resides in the /viewform.php file, where manipulating the ID parameter leads to SQL injection. A remote attacker can exploit this without authentication; multiple sources indicate the exploit has been publicly disc...
CVE-2025-8338
CVE-2025-8338 affects projectworlds Online Admission System 1.0. The vulnerability lies in the /adminac.php file where manipulating the ID parameter enables SQL injection, potentially exploitable remotely. Public disclosure of the exploit is noted across multiple feeds (NVD, CVE listings, CNVD/CN...
CVE-2025-8436
The CVE corresponds to projectworlds Online Admission System 1.0 where the vulnerability is in the file /viewdoc.php. The root cause is improper handling of the ID parameter, enabling SQL injection that could be exploited remotely. Multiple sources (NVD, Red Hat, CNVD, CVE listings) describe an a...
CVE-2025-12938
Summary: CVE-2025-12938 affects projectworlds Online Admission System 1.0. Affected component: file /process_login.php, where manipulation of the keywords parameter enables a SQL injection. The vulnerability is remote, with a publicly available exploit noted in the sources. Multiple feeds corrobo...