Filtered by vendor Projectworlds
Subscriptions
Total
133 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-45345 | 1 Projectworlds | 1 Online Food Ordering Script | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The '*_deleted' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45344 | 1 Projectworlds | 1 Online Food Ordering System | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The '*_balance' parameter of the routers/user-router.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45343 | 1 Projectworlds | 1 Online Food Ordering System | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'ticket_id' parameter of the routers/ticket-message.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45342 | 1 Projectworlds | 1 Online Food Ordering System | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/register-router.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45341 | 1 Projectworlds | 1 Online Food Ordering System | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The '*_price' parameter of the routers/menu-router.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45340 | 1 Projectworlds | 1 Online Food Ordering System | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/details-router.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45338 | 1 Projectworlds | 1 Online Food Ordering Script | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the routers/add-ticket.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45336 | 1 Projectworlds | 1 Online Food Ordering System | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the routers/router.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45334 | 1 Projectworlds | 1 Online Food Ordering System | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'status' parameter of the routers/edit-orders.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45325 | 1 Projectworlds | 1 Online Food Ordering System | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'address' parameter of the routers/add-users.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45323 | 1 Projectworlds | 1 Online Food Ordering System | 2024-11-21 | 9.8 Critical |
| Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter of the routers/add-item.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45203 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 6.1 Medium |
| Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the login.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. | ||||
| CVE-2023-45202 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 6.1 Medium |
| Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the feed.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. | ||||
| CVE-2023-45201 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 6.1 Medium |
| Online Examination System v1.0 is vulnerable to multiple Open Redirect vulnerabilities. The 'q' parameter of the admin.php resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL. | ||||
| CVE-2023-45121 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 9.8 Critical |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45119 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 9.8 Critical |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'n' parameter of the /update.php?q=quiz resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45118 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 9.8 Critical |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'fdid' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-45116 | 1 Projectworlds | 1 Online Examination System | 2024-11-21 | 9.8 Critical |
| Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'demail' parameter of the /update.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||
| CVE-2023-44484 | 1 Projectworlds | 1 Online Blood Donation Management System | 2024-11-21 | 6.1 Medium |
| Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php response. | ||||
| CVE-2023-44481 | 1 Projectworlds | 1 Leave Management System | 2024-11-21 | 8.8 High |
| Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setearnleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database. | ||||