CVE-2025-14570

Medium CVSS: 6.9

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_admin.php. This manipulation of the argument admin_id causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.

Vendor

Projectworlds

Product

Advanced Library Management System

CWE

CWE-74

Yayın Tarihi

2025-12-12 19:16:01

Güncelleme

2025-12-19 15:36:33

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Advanced Library Management System MEDIUM Projectworlds 2025

Referanslar

https://github.com/louxiadelaolitou/CVE/issues/1 https://vuldb.com/?ctiid.336194 https://vuldb.com/?id.336194 https://vuldb.com/?submit.704087

Benzer Kayıtlar

Medium

CVE-2026-3757

A security flaw has been discovered in projectworlds Online Art Gallery Shop 1.0. Affected by this vulnerability is an u…

Medium

CVE-2026-3758

A weakness has been identified in projectworlds Online Art Gallery Shop 1.0. Affected by this issue is some unknown func…

Medium

CVE-2026-3759

A security vulnerability has been detected in projectworlds Online Art Gallery Shop 1.0. This affects an unknown part of…

Medium

CVE-2026-3406

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of t…

High

CVE-2025-70147

Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 all…

Critical

CVE-2025-70146

Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Genera…