Projectworlds Travel Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Projectworlds Travel Management System.
By the Year
In 2026 there have been 0 vulnerabilities in Projectworlds Travel Management System. Last year, in 2025 Travel Management System had 4 security vulnerabilities published. Right now, Travel Management System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 4 | 8.55 |
| 2024 | 3 | 8.65 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 6.10 |
| 2020 | 1 | 9.80 |
It may take a day or so for new Travel Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Projectworlds Travel Management System Security Vulnerabilities
ProjectWorlds TravelMgmt 1.0: Remote SQLi via updatesubcategory.php
CVE-2025-9053
7.3 - High
- August 15, 2025
A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file /updatesubcategory.php. The manipulation of the argument t1/s1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi via s1 in ProjectWorlds TMS 1.0 /updatepackage.php (Remote)
CVE-2025-9052
7.3 - High
- August 15, 2025
A vulnerability was identified in projectworlds Travel Management System 1.0. This affects an unknown part of the file /updatepackage.php. The manipulation of the argument s1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in ProjectWorlds TravelManage 1.0 /updatecategory.php (t1)
CVE-2025-9051
9.8 - Critical
- August 15, 2025
A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi in projectworlds Travel Management System 1.0 /addcategory.php (t1)
CVE-2025-9050
9.8 - Critical
- August 15, 2025
A vulnerability was found in projectworlds Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /addcategory.php. The manipulation of the argument t1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
ProjectWorld TMS v1.0 SQLi Auth Bypass
CVE-2024-51327
9.8 - Critical
- November 04, 2024
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields.
SQL Injection
SQL Injection in Travel Management System v1.0
CVE-2024-51326
7.5 - High
- November 04, 2024
SQL Injection vulnerability in projectworlds Travel management System v.1.0 allows a remote attacker to execute arbitrary code via the 't2' parameter in deletesubcategory.php.
SQL Injection
XSS in Travel Management System v1.0
CVE-2024-51328
- November 04, 2024
Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System v1.0 allows remote attacker to inject arbitrary code via the t2 parameter.
XSS in signup form in Project Worlds Online Examination System 1.0
CVE-2020-29205
6.1 - Medium
- May 17, 2021
XSS in signup form in Project Worlds Online Examination System 1.0 allows remote attacker to inject arbitrary code via the name field
XSS
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0
CVE-2020-24203
9.8 - Critical
- August 27, 2020
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution.
Unrestricted File Upload
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Projectworlds Travel Management System or by Projectworlds? Click the Watch button to subscribe.
