Filtered by vendor Projectworlds
Subscriptions
Filtered by product Online Shopping System
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43157 | 1 Projectworlds | 1 Online Shopping System | 2025-10-29 | 9.8 Critical |
| Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. | ||||
| CVE-2021-43158 | 1 Projectworlds | 1 Online Shopping System | 2025-10-29 | 4.3 Medium |
| In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart. | ||||
| CVE-2025-12215 | 1 Projectworlds | 1 Online Shopping System | 2025-10-28 | 7.3 High |
| A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /login_submit.php. Executing manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2025-11070 | 1 Projectworlds | 2 Online Shopping System, Online Shopping System In Php | 2025-10-03 | 7.3 High |
| A vulnerability was identified in Projectworlds Online Shopping System 1.0. This affects an unknown part of the file /store/cart_add.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. | ||||
Page 1 of 1.