Browse all 101 CVE security advisories affecting projectworlds. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Projectworlds operates as a provider of enterprise resource planning and business management software, primarily targeting small to medium-sized enterprises for inventory, sales, and accounting automation. Security audits have identified a significant volume of vulnerabilities, with 101 Common Vulnerabilities and Exposures currently documented. The most prevalent issues involve remote code execution and cross-site scripting, often stemming from inadequate input validation in web interfaces. Additionally, the platform has historically suffered from broken access control flaws, allowing unauthorized privilege escalation and data exposure. These weaknesses suggest systemic gaps in secure coding practices and rigorous penetration testing protocols. While no single catastrophic breach has been widely publicized, the high count of active CVEs indicates persistent exposure to automated exploitation tools. Organizations relying on this software must prioritize immediate patching and network segmentation to mitigate the risk of compromise, given the consistent pattern of critical severity ratings in recent disclosures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-4837 | projectworlds Student Project Allocation System make_group_sql.php sql injection — Student Project Allocation SystemCWE-89 | 7.3 | High | 2025-05-17 |
This page lists every published CVE security advisory associated with projectworlds. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.