Projectworlds

Visitor Management System

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2025-11067

Exploit
  • EPSS 0.02%
  • Veröffentlicht 27.09.2025 16:15:31
  • Zuletzt bearbeitet 03.10.2025 14:54:32

A vulnerability has been found in Projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /myform.php of the component Add Visitor Page. The manipulation of the argument Name leads to cross site scripting. Remote expl...

9.8

CVE-2025-9047

Exploit
  • EPSS 0.04%
  • Veröffentlicht 15.08.2025 11:02:08
  • Zuletzt bearbeitet 18.08.2025 15:09:43

A vulnerability has been found in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /visitor_out.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. Th...

9.8

CVE-2025-8948

Exploit
  • EPSS 0.03%
  • Veröffentlicht 14.08.2025 07:02:07
  • Zuletzt bearbeitet 14.08.2025 17:41:12

A vulnerability was determined in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /front.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The expl...

9.8

CVE-2025-8947

Exploit
  • EPSS 0.04%
  • Veröffentlicht 14.08.2025 06:32:05
  • Zuletzt bearbeitet 14.08.2025 17:41:26

A vulnerability was found in projectworlds Visitor Management System 1.0. This issue affects some unknown processing of the file /query_data.php. The manipulation of the argument dateF/dateP leads to sql injection. The attack may be initiated remotel...

8.1

CVE-2024-22983

Exploit
  • EPSS 0.67%
  • Veröffentlicht 28.02.2024 22:15:26
  • Zuletzt bearbeitet 02.05.2025 19:49:55

SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via the name parameter in the myform.php endpoint.

9.8

CVE-2024-22922

Exploit
  • EPSS 0.9%
  • Veröffentlicht 25.01.2024 22:15:08
  • Zuletzt bearbeitet 23.01.2026 19:33:03

An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php

6.1

CVE-2024-0650

Exploit
  • EPSS 0.09%
  • Veröffentlicht 18.01.2024 00:15:38
  • Zuletzt bearbeitet 23.01.2026 19:47:36

A vulnerability was found in Project Worlds Visitor Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file dataset.php of the component URL Handler. The manipulation of the argument name with the inp...

8.8

CVE-2020-25760

Exploit
  • EPSS 0.37%
  • Veröffentlicht 30.09.2020 18:15:25
  • Zuletzt bearbeitet 23.01.2026 19:33:03

Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database.

6.1

CVE-2020-25761

Exploit
  • EPSS 0.43%
  • Veröffentlicht 30.09.2020 18:15:25
  • Zuletzt bearbeitet 23.01.2026 19:33:03

Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject javascript payloads in the parameters to perform various attacks such as stealing o...