Project Worlds — Vulnerabilities & Security Advisories 33

Browse all 33 CVE security advisories affecting Project Worlds. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Project Worlds operates as a comprehensive enterprise resource planning and business management suite, primarily serving manufacturing, distribution, and retail sectors by integrating financial, supply chain, and customer relationship management functions. Despite its widespread adoption in critical business operations, the platform has historically exhibited significant security deficiencies, evidenced by thirty-three recorded Common Vulnerabilities and Exposures. These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access control mechanisms. While no single catastrophic data breach has been publicly attributed solely to Project Worlds, the high volume of exploitable issues suggests systemic architectural weaknesses. Security researchers frequently highlight the software’s susceptibility to authenticated attacks, urging administrators to prioritize immediate patching and strict network segmentation to mitigate the risk of unauthorized system compromise and data exfiltration.

| CVE ID | Title | Affected product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-4482 | Project Worlds Student Project Allocation System forgot_password_sql.php sql injection | Student Project Allocation System | CWE-89 | 7.3 | High | 2025-05-09 |
| CVE-2025-4457 | Project Worlds Car Rental Project approve.php sql injection | Car Rental Project | CWE-89 | 7.3 | High | 2025-05-09 |
| CVE-2025-4456 | Project Worlds Car Rental Project signup.php sql injection | Car Rental Project | CWE-89 | 7.3 | High | 2025-05-09 |
| CVE-2025-3176 | Project Worlds Online Lawyer Management System single_lawyer.php sql injection | Online Lawyer Management System | CWE-89 | 7.3 | High | 2025-04-03 |
| CVE-2025-3175 | Project Worlds Online Lawyer Management System save_user_edit_profile.php sql injection | Online Lawyer Management System | CWE-89 | 7.3 | High | 2025-04-03 |
| CVE-2025-3174 | Project Worlds Online Lawyer Management System searchLawyer.php sql injection | Online Lawyer Management System | CWE-89 | 7.3 | High | 2025-04-03 |
| CVE-2025-3173 | Project Worlds Online Lawyer Management System save_booking.php sql injection | Online Lawyer Management System | CWE-89 | 7.3 | High | 2025-04-03 |
| CVE-2025-3172 | Project Worlds Online Lawyer Management System lawyer_booking.php sql injection | Online Lawyer Management System | CWE-89 | 7.3 | High | 2025-04-03 |
| CVE-2025-3171 | Project Worlds Online Lawyer Management System approve_lawyer.php sql injection | Online Lawyer Management System | CWE-89 | 7.3 | High | 2025-04-03 |
| CVE-2025-3170 | Project Worlds Online Lawyer Management System admin_user.php sql injection | Online Lawyer Management System | CWE-89 | 7.3 | High | 2025-04-03 |
| CVE-2025-3042 | Project Worlds Online Time Table Generator updateprofile.php unrestricted upload | Online Time Table Generator | CWE-434 | 6.3 | Medium | 2025-04-01 |
| CVE-2025-3041 | Project Worlds Online Time Table Generator updatestudent.php unrestricted upload | Online Time Table Generator | CWE-434 | 6.3 | Medium | 2025-03-31 |
| CVE-2025-3040 | Project Worlds Online Time Table Generator add_student.php unrestricted upload | Online Time Table Generator | CWE-434 | 6.3 | Medium | 2025-03-31 |
| CVE-2025-2662 | Project Worlds Online Time Table Generator studentdashboard.php sql injection | Online Time Table Generator | CWE-89 | 6.3 | Medium | 2025-03-23 |
| CVE-2025-2661 | Project Worlds Online Time Table Generator index.php sql injection | Online Time Table Generator | CWE-89 | 7.3 | High | 2025-03-23 |
| CVE-2025-2660 | Project Worlds Online Time Table Generator index.php sql injection | Online Time Table Generator | CWE-89 | 7.3 | High | 2025-03-23 |
| CVE-2025-2659 | Project Worlds Online Time Table Generator index.php sql injection | Online Time Table Generator | CWE-89 | 7.3 | High | 2025-03-23 |
| CVE-2024-11059 | Project Worlds Free Download Online Shopping System success.php sql injection | Free Download Online Shopping System | CWE-89 | 6.3 | Medium | 2024-11-10 |
| CVE-2024-10735 | Project Worlds Life Insurance Management System editNominee.php sql injection | Life Insurance Management System | CWE-89 | 6.3 | Medium | 2024-11-03 |
| CVE-2024-10734 | Project Worlds Life Insurance Management System editPayment.php sql injection | Life Insurance Management System | CWE-89 | 6.3 | Medium | 2024-11-03 |
| CVE-2024-10447 | Project Worlds Online Time Table Generator staffdashboard.php sql injection | Online Time Table Generator | CWE-89 | 6.3 | Medium | 2024-10-28 |
| CVE-2024-10446 | Project Worlds Online Time Table Generator admindashboard.php sql injection | Online Time Table Generator | CWE-89 | 6.3 | Medium | 2024-10-28 |
| CVE-2024-10433 | Project Worlds Simple Web-Based Chat Application index.php cross site scripting | Simple Web-Based Chat Application | CWE-79 | 3.5 | Low | 2024-10-28 |
| CVE-2024-10432 | Project Worlds Simple Web-Based Chat Application index.php sql injection | Simple Web-Based Chat Application | CWE-89 | 7.3 | High | 2024-10-27 |
| CVE-2024-10425 | Project Worlds Student Project Allocation System Project Selection Page move_up_project.php sql injection | Student Project Allocation System | CWE-89 | 6.3 | Medium | 2024-10-27 |
| CVE-2024-10424 | Project Worlds Student Project Allocation System Project Selection Page remove_project.php sql injection | Student Project Allocation System | CWE-89 | 6.3 | Medium | 2024-10-27 |
| CVE-2024-10423 | Project Worlds Student Project Allocation System Project Selection Page project_selection.php sql injection | Student Project Allocation System | CWE-89 | 6.3 | Medium | 2024-10-27 |
| CVE-2024-0783 | Project Worlds Online Admission System documents.php unrestricted upload | Online Admission System | CWE-434 | 6.3 | Medium | 2024-01-22 |
| CVE-2024-0730 | Project Worlds Online Time Table Generator course_ajax.php sql injection | Online Time Table Generator | CWE-89 | 6.3 | Medium | 2024-01-19 |
| CVE-2024-0726 | Project Worlds Student Project Allocation System Admin Login Module admin_login.php cross site scripting | Student Project Allocation System | CWE-79 | 4.3 | Medium | 2024-01-19 |

This page lists every published CVE security advisory associated with Project Worlds. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.