← Back

Asset Management System

asset_management_system

Vendor: Projectworlds • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-43014
1Projectworlds
1Asset Management System
Nov 21, 2024
Sep 28, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Asset Management System v1.0 is vulnerable to an Authenticated SQL Injection vulnerability on the 'first_name' and 'last_name' parameters of user.php page, allowing an authenticated attacker to dump all the contents...Show more
Asset Management System v1.0 is vulnerable to an Authenticated SQL Injection vulnerability on the 'first_name' and 'last_name' parameters of user.php page, allowing an authenticated attacker to dump all the contents of the database contents. Show less
CVE-2023-43013
1Projectworlds
1Asset Management System
Nov 21, 2024
Sep 28, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Asset Management System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'email' parameter of index.php page, allowing an external attacker to dump all the contents of the database contents...Show more
Asset Management System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'email' parameter of index.php page, allowing an external attacker to dump all the contents of the database contents and bypass the login control. Show less