Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43157 | 1 Projectworlds | 1 Online Shopping System | 2025-10-29 | 7.5 HIGH | 9.8 CRITICAL |
| Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. | |||||
| CVE-2021-43158 | 1 Projectworlds | 1 Online Shopping System | 2025-10-29 | 4.3 MEDIUM | 4.3 MEDIUM |
| In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in the customer's cart. | |||||
| CVE-2025-12215 | 1 Projectworlds | 1 Online Shopping System | 2025-10-28 | 7.5 HIGH | 7.3 HIGH |
| A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /login_submit.php. Executing manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used. | |||||
| CVE-2025-11070 | 1 Projectworlds | 1 Online Shopping System | 2025-10-03 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was identified in Projectworlds Online Shopping System 1.0. This affects an unknown part of the file /store/cart_add.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. | |||||