Filtered by vendor Projectworlds
Subscriptions
Filtered by product Travel Management System
Subscriptions
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9052 | 1 Projectworlds | 1 Travel Management System | 2025-08-21 | 7.3 High |
| A vulnerability was identified in projectworlds Travel Management System 1.0. This affects an unknown part of the file /updatepackage.php. The manipulation of the argument s1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9053 | 1 Projectworlds | 1 Travel Management System | 2025-08-21 | 7.3 High |
| A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file /updatesubcategory.php. The manipulation of the argument t1/s1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9050 | 1 Projectworlds | 1 Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was found in projectworlds Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /addcategory.php. The manipulation of the argument t1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9051 | 1 Projectworlds | 1 Travel Management System | 2025-08-18 | 7.3 High |
| A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-51328 | 2 Projectworlds, Travel Management System Project | 2 Travel Management System, Travel Management System | 2025-05-07 | 6.1 Medium |
| Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System v1.0 allows remote attacker to inject arbitrary code via the t2 parameter. | ||||
| CVE-2020-29205 | 1 Projectworlds | 1 Travel Management System | 2024-11-21 | 6.1 Medium |
| XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field | ||||
| CVE-2020-24203 | 1 Projectworlds | 1 Travel Management System | 2024-11-21 | 9.8 Critical |
| Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution. | ||||
| CVE-2024-51327 | 1 Projectworlds | 1 Travel Management System | 2024-11-06 | 9.8 Critical |
| SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields. | ||||
| CVE-2024-51326 | 1 Projectworlds | 1 Travel Management System | 2024-11-06 | 7.5 High |
| SQL Injection vulnerability in projectworlds Travel management System v.1.0 allows a remote attacker to execute arbitrary code via the 't2' parameter in deletesubcategory.php. | ||||
Page 1 of 1.