CVE Details
Basic Information
| Title | projectworlds Online Admission System viewform.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-08-03T03:02:04.978Z |
| Modified | 2025-08-03T03:02:04.978Z |
Product Information
| Vendor | projectworlds |
|---|---|
| Product | Online Admission System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability in the viewform.php file of projectworlds Online Admission System version 1.0 allows remote attackers to inject arbitrary SQL commands via the ID argument. This vulnerability is critical as it can lead to unauthorized data access and manipulation. |
|---|---|
| AI Severity | High |
| AI Vendor | projectworlds |
| AI Product | Online Admission System |
| AI Version | 1.0 |
Affected Products
- projectworlds Online Admission System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability has been found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewform.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.