Projectworlds Travel Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Projectworlds Travel Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2024-51327 — CVSS 9.8 (critical): SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL…
CVE-2020-24203 — CVSS 9.8 (critical): Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management…
CVE-2024-51326 — CVSS 7.5 (high): SQL Injection vulnerability in projectworlds Travel management System v.1.0 allows a remote attacker to execute arbitrary code via the 't2'…
CVE-2025-9928 — CVSS 7.3 (high): A security flaw has been discovered in projectworlds Travel Management System 1.0. The impacted element is an unknown function of the file…
CVE-2025-9926 — CVSS 7.3 (high): A vulnerability was determined in projectworlds Travel Management System 1.0. Impacted is an unknown function of the file…
CVE-2025-9927 — CVSS 7.3 (high): A vulnerability was identified in projectworlds Travel Management System 1.0. The affected element is an unknown function of the file…
CVE-2025-9050 — CVSS 7.3 (high): A vulnerability was found in projectworlds Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the…
CVE-2025-9051 — CVSS 7.3 (high): A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the…
CVE-2025-9052 — CVSS 7.3 (high): A vulnerability was identified in projectworlds Travel Management System 1.0. This affects an unknown part of the file /updatepackage.php…
CVE-2025-9053 — CVSS 7.3 (high): A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file…
CVE-2025-9924 — CVSS 7.3 (high): A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file…
CVE-2025-9925 — CVSS 7.3 (high): A vulnerability was found in projectworlds Travel Management System 1.0. This issue affects some unknown processing of the file…
CVE-2024-51328 — CVSS 6.1 (medium): Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System v1.0 allows remote attacker to inject…
CVE-2020-29205 — CVSS 6.1 (medium): XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field