Projectworlds Asset Management System 1.0
Approved changes feed: RSS · Atom
cpe:2.3:a:projectworlds:asset_management_system:1.0:*:*:*:*:*:*:*
part: a version: 1.0 update: *
| Vendor | Projectworlds (1c49ba31-3767-5ff6-9610-c6dcb2aee835) |
|---|---|
| Product | Asset Management System (004dea84-a494-51e7-8f80-47512114ca6f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/projectworldsofficial/assets-management-system-in-php |
purl2cpe | 2026-06-01 10:16:18.482019 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-43014 |
vulnerable | 2026-06-03 14:52:54.499915 |
Asset Management System v1.0 - Authenticated SQL Injection (SQLi)
HIGH (8.8)
Asset Management System v1.0 is vulnerable to
an Authenticated SQL Injection vulnerability
on the 'first_name' and 'last_name' parameters
of user.php page, allowing an authenticated
attacker to dump all the contents of the database
contents.
Published: 2023-09-28T21:04:11.974Z
Updated: 2024-09-23T18:48:41.280Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43013 |
vulnerable | 2026-06-03 14:52:54.499424 |
Asset Management System v1.0 - Unauthenticated SQL Injection (SQLi)
CRITICAL (9.8)
Asset Management System v1.0 is vulnerable to an
unauthenticated SQL Injection vulnerability on the
'email' parameter of index.php page, allowing an
external attacker to dump all the contents of the
database contents and bypass the login control.
Published: 2023-09-28T21:00:07.125Z
Updated: 2024-09-23T18:49:40.194Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.