Projectworlds Advanced Library Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Projectworlds Advanced Library Management System.
By the Year
In 2026 there have been 0 vulnerabilities in Projectworlds Advanced Library Management System. Last year, in 2025 Advanced Library Management System had 16 security vulnerabilities published. Right now, Advanced Library Management System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 16 | 6.62 |
It may take a day or so for new Advanced Library Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Projectworlds Advanced Library Management System Security Vulnerabilities
SQLi in Advanced Library Mgmt Sys 1.0 (/borrow_book.php)
CVE-2025-14571
7.3 - High
- December 12, 2025
A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /borrow_book.php. Such manipulation of the argument roll_number leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in projectworlds ALMS 1.0 /view_admin.php admin_id
CVE-2025-14570
7.3 - High
- December 12, 2025
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_admin.php. This manipulation of the argument admin_id causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.
SQL Injection
ProjectWorlds ALS 1.0: Remote SQLi via /view_book.php ARG book_id (VULN)
CVE-2025-14527
7.3 - High
- December 11, 2025
A weakness has been identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /view_book.php. Executing a manipulation of the argument book_id can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
SQL Injection
ProjWorlds ALS 1.0 SQLi via /member_search.php (roll_number)
CVE-2025-14212
7.3 - High
- December 08, 2025
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /member_search.php. Executing a manipulation of the argument roll_number can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
SQL Injection
SQL Injection in ProjectWorlds ALMS 1.0 /delete_book.php
CVE-2025-14211
7.3 - High
- December 08, 2025
A vulnerability was detected in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /delete_book.php. Performing a manipulation of the argument book_id results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.
SQL Injection
SQL Injection in /delete_member.php of ProjectWorlds ALMS 1.0
CVE-2025-14210
7.3 - High
- December 08, 2025
A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /delete_member.php. Such manipulation of the argument user_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
SQL Injection
SQLi in projectworlds Advanced Library Mgmt Sys 1.0 via delete_admin.php
CVE-2025-13572
7.3 - High
- November 23, 2025
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /delete_admin.php. The manipulation of the argument admin_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
SQL Injection
SQLi in Project Worlds ALMS 1.0 /borrowed_book_search.php
CVE-2025-13278
6.3 - Medium
- November 17, 2025
A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrowed_book_search.php. Such manipulation of the argument datefrom/dateto leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQL Injection in Advanced Library Management System 1.0 /borrow.php
CVE-2025-13256
6.3 - Medium
- November 17, 2025
A weakness has been identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrow.php. Executing a manipulation of the argument roll_number can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
SQL Injection
SQLi via book_search.php in Projectworlds Advanced Library Management System 1.0
CVE-2025-13255
6.3 - Medium
- November 17, 2025
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /book_search.php. Performing a manipulation of the argument book_pub/book_title results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
SQL Injection
SQLi in ProjectWorlds ALS 1.0 via /add_member.php roll_number
CVE-2025-13254
6.3 - Medium
- November 17, 2025
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /add_member.php. Such manipulation of the argument roll_number leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
SQL Injection
SQLi in ProjectWorlds Advanced Library Management 1.0 /add_librarian.php
CVE-2025-13253
6.3 - Medium
- November 16, 2025
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /add_librarian.php. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
SQL Injection
SQLi via /index.php in ProjectWorlds Advanced Library Management System 1.0
CVE-2025-12237
7.3 - High
- October 27, 2025
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /index.php. Such manipulation of the argument keywords leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.
SQL Injection
ProjectWorlds ALM 1.0 SQLi via /view_member.php (user_id)
CVE-2025-11475
7.3 - High
- October 08, 2025
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /view_member.php. Executing a manipulation of the argument user_id can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
SQL Injection
Unrestricted File Upload in ProjectWorlds AIMS 1.0 /edit_book.php
CVE-2025-11426
6.3 - Medium
- October 08, 2025
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_book.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.
Unrestricted File Upload
Advanced Library Mgmt Sys 1.0 XSS via edit_admin.php Firstname Param
CVE-2025-11425
2.4 - Low
- October 08, 2025
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /edit_admin.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Other parameters might be affected as well.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Projectworlds Advanced Library Management System or by Projectworlds? Click the Watch button to subscribe.
