Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-24203 | 7.5 |
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution.
|
12-07-2022 - 17:42 | 27-08-2020 - 18:15 | |
CVE-2020-29283 | 7.5 |
An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php.
|
04-12-2020 - 16:37 | 02-12-2020 - 22:15 | |
CVE-2020-29285 | 7.5 |
SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php.
|
04-12-2020 - 16:27 | 02-12-2020 - 22:15 | |
CVE-2020-23832 | 4.3 |
A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin session upon an admin lo
|
14-10-2020 - 02:40 | 06-10-2020 - 13:15 | |
CVE-2020-23833 | 7.5 |
Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request.
|
18-09-2020 - 19:51 | 15-09-2020 - 22:15 | |
CVE-2020-24199 | 7.5 |
Arbitrary File Upload in the Vehicle Image Upload component in Project Worlds Car Rental Management System v1.0 allows attackers to conduct remote code execution.
|
10-09-2020 - 01:58 | 09-09-2020 - 15:15 | |
CVE-2020-24202 | 7.5 |
File Upload component in Projects World House Rental v1.0 suffers from an arbitrary file upload vulnerability with regular users, which allows remote attackers to conduct code execution.
|
31-08-2020 - 16:06 | 27-08-2020 - 18:15 |