Projectworlds Student Project Allocation System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Projectworlds Student Project Allocation System.
By the Year
In 2026 there have been 0 vulnerabilities in Projectworlds Student Project Allocation System. Last year, in 2025 Student Project Allocation System had 2 security vulnerabilities published. Right now, Student Project Allocation System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 9.80 |
| 2024 | 4 | 8.88 |
It may take a day or so for new Student Project Allocation System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Projectworlds Student Project Allocation System Security Vulnerabilities
ProjectWorlds Student Project Allocation System 1.0 SQLi in make_group_sql.php
CVE-2025-4837
9.8 - Critical
- May 17, 2025
A vulnerability classified as critical has been found in projectworlds Student Project Allocation System 1.0. This affects an unknown part of the file /make_group_sql.php. The manipulation of the argument mem1/mem2/mem3 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Critical SQLi in Project Worlds Student Project Allocation Sys 1.0
CVE-2025-4482
9.8 - Critical
- May 09, 2025
A vulnerability classified as critical was found in Project Worlds Student Project Allocation System 1.0. Affected by this vulnerability is an unknown functionality of the file /change_pass/forgot_password_sql.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
SQL Injection
SQLi in PWS Student Project Allocation 1.0 move_up_project.php
CVE-2024-10425
9.8 - Critical
- October 27, 2024
A vulnerability was found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /student/project_selection/move_up_project.php of the component Project Selection Page. The manipulation of the argument up leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Project Worlds Student Project Allocation System 1.0 SQLi in remove_project.php
CVE-2024-10424
9.8 - Critical
- October 27, 2024
A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/project_selection/remove_project.php of the component Project Selection Page. The manipulation of the argument no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Critical SQLi in PW Student Project Allocation System 1.0 Project Selection
CVE-2024-10423
9.8 - Critical
- October 27, 2024
A vulnerability, which was classified as critical, was found in Project Worlds Student Project Allocation System 1.0. Affected is an unknown function of the file /student/project_selection/project_selection.php of the component Project Selection Page. The manipulation of the argument project_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CVE-2024-0726: XSS in Project Worlds Student Project Allocation System 1.0 Admin Login Module
CVE-2024-0726
6.1 - Medium
- January 19, 2024
A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin_login.php of the component Admin Login Module. The manipulation of the argument msg with the input test%22%3Cscript%3Ealert(%27Torada%27)%3C/script%3E leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251549 was assigned to this vulnerability.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Projectworlds Student Project Allocation System or by Projectworlds? Click the Watch button to subscribe.
