projectworlds — Vulnerabilities & Security Advisories 101

Browse all 101 CVE security advisories affecting projectworlds. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Projectworlds operates as a provider of enterprise resource planning and business management software, primarily targeting small to medium-sized enterprises for inventory, sales, and accounting automation. Security audits have identified a significant volume of vulnerabilities, with 101 Common Vulnerabilities and Exposures currently documented. The most prevalent issues involve remote code execution and cross-site scripting, often stemming from inadequate input validation in web interfaces. Additionally, the platform has historically suffered from broken access control flaws, allowing unauthorized privilege escalation and data exposure. These weaknesses suggest systemic gaps in secure coding practices and rigorous penetration testing protocols. While no single catastrophic breach has been widely publicized, the high count of active CVEs indicates persistent exposure to automated exploitation tools. Organizations relying on this software must prioritize immediate patching and network segmentation to mitigate the risk of compromise, given the consistent pattern of critical severity ratings in recent disclosures.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-12237 | projectworlds Advanced Library Management System index.php sql injection | Advanced Library Management System | CWE-89 | 7.3 | High | 2025-10-27 |
| CVE-2025-12231 | projectworlds Expense Management System Expense Categories create cross site scripting | Expense Management System | CWE-79 | 2.4 | Low | 2025-10-27 |
| CVE-2025-12230 | projectworlds Expense Management System Currency create cross site scripting | Expense Management System | CWE-79 | 2.4 | Low | 2025-10-27 |
| CVE-2025-12229 | projectworlds Expense Management System Roles Page create cross site scripting | Expense Management System | CWE-79 | 2.4 | Low | 2025-10-27 |
| CVE-2025-12228 | projectworlds Expense Management System Users Page create cross site scripting | Expense Management System | CWE-79 | 2.4 | Low | 2025-10-27 |
| CVE-2025-12227 | projectworlds Gate Pass Management System add-pass.php cross site scripting | Gate Pass Management System | CWE-79 | 3.5 | Low | 2025-10-27 |
| CVE-2025-12215 | projectworlds Online Shopping System login_submit.php sql injection | Online Shopping System | CWE-89 | 7.3 | High | 2025-10-27 |
| CVE-2025-11604 | projectworlds Online Ordering Food System all-orders.php sql injection | Online Ordering Food System | CWE-89 | 7.3 | High | 2025-10-11 |
| CVE-2025-11557 | projectworlds Gate Pass Management System add-pass.php sql injection | Gate Pass Management System | CWE-89 | 7.3 | High | 2025-10-09 |
| CVE-2025-11475 | projectworlds Advanced Library Management System view_member.php sql injection | Advanced Library Management System | CWE-89 | 7.3 | High | 2025-10-08 |
| CVE-2025-11426 | projectworlds Advanced Library Management System edit_book.php unrestricted upload | Advanced Library Management System | CWE-434 | 6.3 | Medium | 2025-10-08 |
| CVE-2025-11425 | projectworlds Advanced Library Management System edit_admin.php cross site scripting | Advanced Library Management System | CWE-79 | 2.4 | Low | 2025-10-08 |
| CVE-2025-11103 | Projectworlds Online Tours and Travels change-image.php unrestricted upload | Online Tours and Travels | CWE-434 | 4.7 | Medium | 2025-09-28 |
| CVE-2025-11070 | Projectworlds Online Shopping System cart_add.php sql injection | Online Shopping System | CWE-89 | 7.3 | High | 2025-09-27 |
| CVE-2025-11067 | Projectworlds Visitor Management System Add Visitor myform.php cross site scripting | Visitor Management System | CWE-79 | 2.4 | Low | 2025-09-27 |
| CVE-2025-9928 | projectworlds Travel Management System viewcategory.php sql injection | Travel Management System | CWE-89 | 7.3 | High | 2025-09-03 |
| CVE-2025-9927 | projectworlds Travel Management System viewpackage.php sql injection | Travel Management System | CWE-89 | 7.3 | High | 2025-09-03 |
| CVE-2025-9926 | projectworlds Travel Management System viewsubcategory.php sql injection | Travel Management System | CWE-89 | 7.3 | High | 2025-09-03 |
| CVE-2025-9925 | projectworlds Travel Management System detail.php sql injection | Travel Management System | CWE-89 | 7.3 | High | 2025-09-03 |
| CVE-2025-9924 | projectworlds Travel Management System enquiry.php sql injection | Travel Management System | CWE-89 | 7.3 | High | 2025-09-03 |
| CVE-2025-9053 | projectworlds Travel Management System updatesubcategory.php sql injection | Travel Management System | CWE-89 | 7.3 | High | 2025-08-15 |
| CVE-2025-9052 | projectworlds Travel Management System updatepackage.php sql injection | Travel Management System | CWE-89 | 7.3 | High | 2025-08-15 |
| CVE-2025-9051 | projectworlds Travel Management System updatecategory.php sql injection | Travel Management System | CWE-89 | 7.3 | High | 2025-08-15 |
| CVE-2025-9050 | projectworlds Travel Management System addcategory.php sql injection | Travel Management System | CWE-89 | 7.3 | High | 2025-08-15 |
| CVE-2025-9047 | projectworlds Visitor Management System visitor_out.php sql injection | Visitor Management System | CWE-89 | 7.3 | High | 2025-08-15 |
| CVE-2025-8948 | projectworlds Visitor Management System front.php sql injection | Visitor Management System | CWE-89 | 7.3 | High | 2025-08-14 |
| CVE-2025-8947 | projectworlds Visitor Management System query_data.php sql injection | Visitor Management System | CWE-89 | 7.3 | High | 2025-08-14 |
| CVE-2025-8946 | projectworlds Online Notes Sharing Platform login.php sql injection | Online Notes Sharing Platform | CWE-89 | 7.3 | High | 2025-08-14 |
| CVE-2025-8496 | projectworlds Online Admission System viewform.php sql injection | Online Admission System | CWE-89 | 7.3 | High | 2025-08-03 |
| CVE-2025-8471 | projectworlds Online Admission System adminlogin.php sql injection | Online Admission System | CWE-89 | 7.3 | High | 2025-08-02 |

This page lists every published CVE security advisory associated with projectworlds. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.