Projectworlds: Security Vulnerabilities
Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-10-14
An issue was discovered in Projectworlds Hospital Management System v1.0. Unauthorized malicious attackers can add patients without restriction via add_patient.php.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-03-16
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not perform input validation on the 'id' paramter. An attacker can append SQL queries to the input to extract sensitive information from the database.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-02-03
Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is required.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-01-23
An SQL Injection vulnerability exists in Projectworlds Online Examination System 1.0 via the eid parameter in account.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-21
Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2021-12-22
In ProjectWorlds Online Book Store PHP 1.0 a CSRF vulnerability in admin_delete.php allows a remote attacker to delete any book.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-12-22
Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-12-22
In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart.
CVSS Score
4.3
EPSS Score
0.001
Published
2021-12-22
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2021-12-22