projectworlds — Vulnerabilities & Security Advisories 101

Browse all 101 CVE security advisories affecting projectworlds. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Projectworlds operates as a provider of enterprise resource planning and business management software, primarily targeting small to medium-sized enterprises for inventory, sales, and accounting automation. Security audits have identified a significant volume of vulnerabilities, with 101 Common Vulnerabilities and Exposures currently documented. The most prevalent issues involve remote code execution and cross-site scripting, often stemming from inadequate input validation in web interfaces. Additionally, the platform has historically suffered from broken access control flaws, allowing unauthorized privilege escalation and data exposure. These weaknesses suggest systemic gaps in secure coding practices and rigorous penetration testing protocols. While no single catastrophic breach has been widely publicized, the high count of active CVEs indicates persistent exposure to automated exploitation tools. Organizations relying on this software must prioritize immediate patching and network segmentation to mitigate the risk of compromise, given the consistent pattern of critical severity ratings in recent disclosures.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-5645 | projectworlds Car Rental System Parameter pay.php sql injection — Car Rental System | CWE-89 | 7.3 | High | 2026-04-06 |
| CVE-2026-5637 | projectworlds Car Rental System Parameter message_admin.php sql injection — Car Rental System | CWE-89 | 7.3 | High | 2026-04-06 |
| CVE-2026-5634 | projectworlds Car Rental Project Parameter book_car.php sql injection — Car Rental Project | CWE-89 | 7.3 | High | 2026-04-06 |
| CVE-2026-5368 | projectworlds Car Rental Project Parameter login.php sql injection — Car Rental Project | CWE-89 | 7.3 | High | 2026-04-02 |
| CVE-2026-4626 | projectworlds Lawyer Management System lawyer_booking.php cross site scripting — Lawyer Management System | CWE-79 | 3.5 | Low | 2026-03-24 |
| CVE-2026-4596 | projectworlds Lawyer Management System lawyers.php cross site scripting — Lawyer Management System | CWE-79 | 3.5 | Low | 2026-03-23 |
| CVE-2026-4540 | projectworlds Online Notes Sharing System Parameters login.php sql injection — Online Notes Sharing System | CWE-89 | 7.3 | High | 2026-03-22 |
| CVE-2026-3759 | projectworlds Online Art Gallery Shop adminHome.php sql injection — Online Art Gallery Shop | CWE-89 | 7.3 | High | 2026-03-08 |
| CVE-2026-3758 | projectworlds Online Art Gallery Shop adminHome.php sql injection — Online Art Gallery Shop | CWE-89 | 7.3 | High | 2026-03-08 |
| CVE-2026-3757 | projectworlds Online Art Gallery Shop pass sql injection — Online Art Gallery Shop | CWE-89 | 7.3 | High | 2026-03-08 |
| CVE-2026-3406 | projectworlds Online Art Gallery Shop Registration registration.php sql injection — Online Art Gallery Shop | CWE-89 | 7.3 | High | 2026-03-02 |
| CVE-2026-2136 | projectworlds Online Food Ordering System view-ticket.php sql injection — Online Food Ordering System | CWE-89 | 7.3 | High | 2026-02-08 |
| CVE-2026-1700 | projectworlds House Rental and Property Listing sms.php cross site scripting — House Rental and Property Listing | CWE-79 | 3.5 | Low | 2026-01-30 |
| CVE-2026-0643 | projectworlds House Rental and Property Listing Signup register.php unrestricted upload — House Rental and Property Listing | CWE-434 | 7.3 | High | 2026-01-06 |
| CVE-2026-0642 | projectworlds House Rental and Property Listing complaint.php cross site scripting — House Rental and Property Listing | CWE-79 | 2.4 | Low | 2026-01-06 |
| CVE-2025-14571 | projectworlds Advanced Library Management System borrow_book.php sql injection — Advanced Library Management System | CWE-89 | 7.3 | High | 2025-12-12 |
| CVE-2025-14570 | projectworlds Advanced Library Management System view_admin.php sql injection — Advanced Library Management System | CWE-89 | 7.3 | High | 2025-12-12 |
| CVE-2025-14527 | projectworlds Advanced Library Management System view_book.php sql injection — Advanced Library Management System | CWE-89 | 7.3 | High | 2025-12-11 |
| CVE-2025-14212 | projectworlds Advanced Library Management System member_search.php sql injection — Advanced Library Management System | CWE-89 | 7.3 | High | 2025-12-08 |
| CVE-2025-14211 | projectworlds Advanced Library Management System delete_book.php sql injection — Advanced Library Management System | CWE-89 | 7.3 | High | 2025-12-08 |
| CVE-2025-14210 | projectworlds Advanced Library Management System delete_member.php sql injection — Advanced Library Management System | CWE-89 | 7.3 | High | 2025-12-08 |
| CVE-2025-13573 | projectworlds can pass malicious payloads add_book.php unrestricted upload — can pass malicious payloads | CWE-434 | 6.3 | Medium | 2025-11-23 |
| CVE-2025-13572 | projectworlds Advanced Library Management System delete_admin.php sql injection — Advanced Library Management System | CWE-89 | 7.3 | High | 2025-11-23 |
| CVE-2025-13278 | projectworlds Advanced Library Management System borrowed_book_search.php sql injection — Advanced Library Management System | CWE-89 | 6.3 | Medium | 2025-11-17 |
| CVE-2025-13256 | projectworlds Advanced Library Management System borrow.php sql injection — Advanced Library Management System | CWE-89 | 6.3 | Medium | 2025-11-17 |
| CVE-2025-13255 | projectworlds Advanced Library Management System book_search.php sql injection — Advanced Library Management System | CWE-89 | 6.3 | Medium | 2025-11-17 |
| CVE-2025-13254 | projectworlds Advanced Library Management System add_member.php sql injection — Advanced Library Management System | CWE-89 | 6.3 | Medium | 2025-11-17 |
| CVE-2025-13253 | projectworlds Advanced Library Management System add_librarian.php sql injection — Advanced Library Management System | CWE-89 | 6.3 | Medium | 2025-11-16 |
| CVE-2025-12938 | projectworlds Online Admission System process_login.php sql injection — Online Admission System | CWE-89 | 7.3 | High | 2025-11-10 |
| CVE-2025-12862 | projectworlds Online Notes Sharing Platform userprofile.php unrestricted upload — Online Notes Sharing Platform | CWE-434 | 6.3 | Medium | 2025-11-07 |

This page lists every published CVE security advisory associated with projectworlds. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.