Projectworlds Online Shopping System — known CVE vulnerabilities
Every CVE whose affected-product data names Projectworlds Online Shopping System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-43157 — CVSS 9.8 (critical): Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php.
CVE-2025-11070 — CVSS 7.3 (high): A vulnerability was identified in Projectworlds Online Shopping System 1.0. This affects an unknown part of the file /store/cart_add.php…
CVE-2025-12215 — CVSS 7.3 (high): A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /login_submit.php. Executing…
CVE-2021-43158 — CVSS 4.3 (medium): In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a remote attacker to remove any product in…