pwnpwnpur1n

3 exploits Active since Jan 2024
CVE-2024-0783 NOMISEC MEDIUM WORKING POC
Project Worlds Online Admission System 1.0 - Unrestricted Upload
A vulnerability was found in Project Worlds Online Admission System 1.0 and classified as critical. This issue affects some unknown processing of the file documents.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251699.
2 stars
CVSS 6.3
CVE-2024-22922 NOMISEC CRITICAL WRITEUP
Projectworlds Vistor Management System <1.0 - Privilege Escalation
An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php
CVSS 9.8
CVE-2024-22983 NOMISEC HIGH WRITEUP
Projectworlds Visitor Management System <1.0 - Privilege Escalation
SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via the name parameter in the myform.php endpoint.
CVSS 8.1