wangruo

5 exploits Active since Nov 2025
CVE-2025-13255 WRITEUP MEDIUM WRITEUP
projectworlds Advanced Library Management System 1.0 - SQL Injection via book_search.php book_pub/book_title Parameter
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /book_search.php. Performing a manipulation of the argument book_pub/book_title results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
CVSS 6.3
CVE-2025-13253 WRITEUP MEDIUM WRITEUP
projectworlds Advanced Library Management System 1.0 - SQL Injection via Username Parameter in /add_librarian.php
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. This affects an unknown part of the file /add_librarian.php. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
CVSS 6.3
CVE-2025-13254 WRITEUP MEDIUM WRITEUP
projectworlds Advanced Library Management System 1.0 - SQL Injection via Roll Number Parameter
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /add_member.php. Such manipulation of the argument roll_number leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
CVSS 6.3
CVE-2025-13255 WRITEUP MEDIUM WRITEUP
projectworlds Advanced Library Management System 1.0 - SQL Injection via book_search.php book_pub/book_title Parameter
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. This issue affects some unknown processing of the file /book_search.php. Performing a manipulation of the argument book_pub/book_title results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.
CVSS 6.3
CVE-2025-13256 WRITEUP MEDIUM WRITEUP
projectworlds Advanced Library Management System 1.0 - SQL Injection via borrow.php roll_number Parameter
A weakness has been identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /borrow.php. Executing a manipulation of the argument roll_number can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
CVSS 6.3