← Back

Projectworlds

projectworlds

223 CVEs • 45 products

Products (45)

Click to collapse
Toggle
Advanced Library Management System
advanced_library_management_system
17 CVEs
Online Examination System
online_examination_system
16 CVEs
Online Time Table Generator
online_time_table_generator
15 CVEs
Travel Management System
travel_management_system
14 CVEs
Life Insurance Management System
life_insurance_management_system
14 CVEs
Online Food Ordering System
online_food_ordering_system
13 CVEs
Online Book Store Project In Php
online_book_store_project_in_php
10 CVEs
Online Lawyer Management System
online_lawyer_management_system
10 CVEs
Visitor Management System
visitor_management_system
9 CVEs
Online Matrimonial Project
online_matrimonial_project
7 CVEs
Hospital Management System In Php
hospital_management_system_in_php
7 CVEs
Online Admission System
online_admission_system
7 CVEs
Online Movie Ticket Booking System
online_movie_ticket_booking_system
6 CVEs
Student Project Allocation System
student_project_allocation_system
6 CVEs
Online Doctor Appointment Booking System Php And Mysql
online_doctor_appointment_booking_system_php_and_mysql
6 CVEs
House Rental And Property Listing Project
house_rental_and_property_listing_project
4 CVEs
Car Rental Project
car_rental_project
4 CVEs
Online Shopping System
online_shopping_system
4 CVEs
Online Food Ordering Script
online_food_ordering_script
4 CVEs
Online Hotel Booking
online_hotel_booking
4 CVEs
Expense Management System
expense_management_system
4 CVEs
Online Art Gallery Shop
online_art_gallery_shop
4 CVEs
Leave Management System
leave_management_system
3 CVEs
Online Job Portal
online_job_portal
3 CVEs
Online Voting System Project
online_voting_system_project
3 CVEs
Railway Reservation System
railway_reservation_system
3 CVEs
Doctor Appointment System
doctor_appointment_system
3 CVEs
Official Car Rental System
official_car_rental_system
2 CVEs
Asset Management System
asset_management_system
2 CVEs
Simple Web Based Chat Application
simple_web-based_chat_application
2 CVEs
Online Notes Sharing Platform
online_notes_sharing_platform
2 CVEs
Gate Pass Management System
gate_pass_management_system
2 CVEs
House Rental
house_rental
1 CVE
Online Shopping Webvsite In Php
online-shopping-webvsite-in-php
1 CVE
Asset Management System Project In Php
asset_management_system_project_in_php
1 CVE
Online Book Store Project
online_book_store_project
1 CVE
Gym Management System Project
gym_management_system_project
1 CVE
Online Art Gallery
online_art_gallery
1 CVE
Online Blood Donation Management System
online_blood_donation_management_system
1 CVE
Student Result Management System
student_result_management_system
1 CVE
Free Download Online Shopping System
free_download_online_shopping_system
1 CVE
Apartment Visitors Management System
apartment_visitors_management_system
1 CVE
Hospital Database Management System
hospital_database_management_system
1 CVE
Online Tours And Travels
online_tours_and_travels
1 CVE
Gym Management System
gym_management_system
1 CVE

CVEs (223)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-10447
1Projectworlds
1Online Time Table Generator
Oct 31, 2024
Oct 28, 2024
5.3 MEDIUM· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. Affected by this vulnerability is an unknown functionality of the file /timetable/staff/staffdashboard.php?info=updatepr...Show more
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. Affected by this vulnerability is an unknown functionality of the file /timetable/staff/staffdashboard.php?info=updateprofile. The manipulation of the argument n leads to sql injection. The attack can be launched remotely.Show less
CVE-2024-10446
1Projectworlds
1Online Time Table Generator
Nov 1, 2024
Oct 28, 2024
5.3 MEDIUM· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. Affected is an unknown function of the file /timetable/admin/admindashboard.php?info=add_course. The manipulation o...Show more
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. Affected is an unknown function of the file /timetable/admin/admindashboard.php?info=add_course. The manipulation of the argument c leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10433
1Projectworlds
1Simple Web Based Chat Application
Oct 30, 2024
Oct 28, 2024
5.3 MEDIUM· v4
6.1 MEDIUM· v3
4.0 MEDIUM· v2
A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argume...Show more
A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Name/Comment leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions different parameters to be affected which do not correlate with the screenshots of a successful attack.Show less
CVE-2024-10432
1Projectworlds
1Simple Web Based Chat Application
Oct 30, 2024
Oct 28, 2024
6.9 MEDIUM· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of th...Show more
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10425
1Projectworlds
1Student Project Allocation System
Oct 29, 2024
Oct 27, 2024
5.3 MEDIUM· v4
9.8 CRITICAL· v3
6.5 MEDIUM· v2
A vulnerability was found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /student/project_selection/move_up_project.ph...Show more
A vulnerability was found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /student/project_selection/move_up_project.php of the component Project Selection Page. The manipulation of the argument up leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10424
1Projectworlds
1Student Project Allocation System
Oct 29, 2024
Oct 27, 2024
5.3 MEDIUM· v4
9.8 CRITICAL· v3
6.5 MEDIUM· v2
A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/project_selection/remove_...Show more
A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/project_selection/remove_project.php of the component Project Selection Page. The manipulation of the argument no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10423
1Projectworlds
1Student Project Allocation System
Oct 29, 2024
Oct 27, 2024
5.3 MEDIUM· v4
9.8 CRITICAL· v3
6.5 MEDIUM· v2
A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/project_selection/project_selection.php of the co...Show more
A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/project_selection/project_selection.php of the component Project Selection Page. The manipulation of the argument project_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-45986
1Projectworlds
1Online Voting System Project
May 6, 2025
Sep 26, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequen...Show more
A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account information is accessed.Show less
CVE-2024-42843
1Projectworlds
1Online Examination System
Aug 19, 2024
Aug 15, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php.
CVE-2024-36597
1Projectworlds
1Life Insurance Management System
Mar 13, 2025
Jun 14, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Aegon Life v1.0 was discovered to contain a SQL injection vulnerability via the client_id parameter at clientStatus.php.
CVE-2024-22983
1Projectworlds
1Visitor Management System
May 2, 2025
Feb 28, 2024
N/A· v4
8.1 HIGH· v3
N/A· v2
SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via the name parameter in the myform.php endpoint.
CVE-2024-22922
1Projectworlds
1Visitor Management System
Jan 23, 2026
Jan 25, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php
CVE-2024-0730
1Projectworlds
1Online Time Table Generator
Nov 21, 2024
Jan 19, 2024
N/A· v4
9.8 CRITICAL· v3
6.5 MEDIUM· v2
A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file course_ajax.php. The manipulation of the argument id leads to sql i...Show more
A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file course_ajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251553 was assigned to this vulnerability.Show less
CVE-2024-0726
1Projectworlds
1Student Project Allocation System
Nov 21, 2024
Jan 19, 2024
N/A· v4
6.1 MEDIUM· v3
5.0 MEDIUM· v2
A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin_login.php of the component Admin Login Mod...Show more
A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin_login.php of the component Admin Login Module. The manipulation of the argument msg with the input test%22%3Cscript%3Ealert(%27Torada%27)%3C/script%3E leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251549 was assigned to this vulnerability.Show less
CVE-2024-0650
1Projectworlds
1Visitor Management System
Jan 23, 2026
Jan 18, 2024
N/A· v4
6.1 MEDIUM· v3
5.0 MEDIUM· v2
A vulnerability was found in Project Worlds Visitor Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file dataset.php of the component URL Handler. The manipulation of...Show more
A vulnerability was found in Project Worlds Visitor Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file dataset.php of the component URL Handler. The manipulation of the argument name with the input "><script>alert('torada')</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251376.Show less
CVE-2024-0498
1Projectworlds
1Online Lawyer Management System
Aug 28, 2025
Jan 13, 2024
N/A· v4
9.8 CRITICAL· v3
6.5 MEDIUM· v2
A vulnerability was found in Project Worlds Lawyer Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file searchLawyer.php. The manipulation of the...Show more
A vulnerability was found in Project Worlds Lawyer Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file searchLawyer.php. The manipulation of the argument experience leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250603.Show less
CVE-2024-0266
1Projectworlds
1Online Lawyer Management System
Aug 28, 2025
Jan 7, 2024
N/A· v4
5.4 MEDIUM· v3
5.0 MEDIUM· v2
A vulnerability classified as problematic has been found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the component User Registration. The manipulation of the argument First N...Show more
A vulnerability classified as problematic has been found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the component User Registration. The manipulation of the argument First Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249822 is the identifier assigned to this vulnerability.Show less
CVE-2024-0262
1Projectworlds
1Online Job Portal
Nov 21, 2024
Jan 7, 2024
N/A· v4
4.8 MEDIUM· v3
3.3 LOW· v2
A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Admin/News.php of the component Create News Page. The manipulation of th...Show more
A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Admin/News.php of the component Create News Page. The manipulation of the argument News with the input </title><scRipt>alert(0x00C57D)</scRipt> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249818 is the identifier assigned to this vulnerability.Show less
CVE-2023-48716
1Projectworlds
1Student Result Management System
Nov 21, 2024
Dec 21, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_id' parameter of the add_classes.php resource does not validate the characters received and they a...Show more
Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'class_id' parameter of the add_classes.php resource does not validate the characters received and they are sent unfiltered to the database. Show less
CVE-2023-48689
1Projectworlds
1Railway Reservation System
Nov 21, 2024
Dec 21, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'byname' parameter of the train.php resource does not validate the characters received and they are sent unfilt...Show more
Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'byname' parameter of the train.php resource does not validate the characters received and they are sent unfiltered to the database. Show less