Versions
Recent CVEs
CVE-2024-51327
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields.
CRITICAL
Nov 04, 2024
CVE-2024-51326
SQL Injection vulnerability in projectworlds Travel management System v.1.0 allows a remote attacker to execute arbitrary code via the 't2' parameter in deletesubcategory.php.
HIGH
Nov 04, 2024