CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-6136 – Projectworlds Life Insurance Management System insertPayment.php sql injection
https://notcve.org/view.php?id=CVE-2025-6136
16 Jun 2025 — A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertPayment.php. The manipulation of the argument recipt_no leads to sql injection. The attack may be initiated remotely. • https://github.com/YZS17/CVE/blob/main/Life_Insurance_Management_System/sqli_insertPayment.php.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-6135 – Projectworlds Life Insurance Management System insertNominee.php sql injection
https://notcve.org/view.php?id=CVE-2025-6135
16 Jun 2025 — A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /insertNominee.php. The manipulation of the argument client_id/nominee_id leads to sql injection. The attack can be initiated remotely. • https://github.com/YZS17/CVE/blob/main/Life_Insurance_Management_System/sqli_insertNominee.php_client_id.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-6134 – Projectworlds Life Insurance Management System insertClient.php sql injection
https://notcve.org/view.php?id=CVE-2025-6134
16 Jun 2025 — A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /insertClient.php. The manipulation of the argument client_id leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/YZS17/CVE/blob/main/Life_Insurance_Management_System/sqli_insertClient_client_id.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-6133 – Projectworlds Life Insurance Management System insertagent.php sql injection
https://notcve.org/view.php?id=CVE-2025-6133
16 Jun 2025 — A vulnerability was found in Projectworlds Life Insurance Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /insertagent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/YZS17/CVE/blob/main/Life_Insurance_Management_System/sqli_insertAgent.php_agent_id.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-4836 – Projectworlds Life Insurance Management System deleteAgent.php sql injection
https://notcve.org/view.php?id=CVE-2025-4836
17 May 2025 — A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /deleteAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack may be launched remotely. • https://github.com/Aiyakami/CVE-1/issues/1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2067 – projectworlds Life Insurance Management System search.php sql injection
https://notcve.org/view.php?id=CVE-2025-2067
07 Mar 2025 — A vulnerability was found in projectworlds Life Insurance Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /search.php. The manipulation of the argument key leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ubfbuz3/cve/issues/9 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2066 – projectworlds Life Insurance Management System updateAgent.php sql injection
https://notcve.org/view.php?id=CVE-2025-2066
07 Mar 2025 — A vulnerability has been found in projectworlds Life Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /updateAgent.php. The manipulation of the argument agent_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ubfbuz3/cve/issues/8 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2065 – projectworlds Life Insurance Management System editAgent.php sql injection
https://notcve.org/view.php?id=CVE-2025-2065
07 Mar 2025 — A vulnerability, which was classified as critical, was found in projectworlds Life Insurance Management System 1.0. This affects an unknown part of the file /editAgent.php. The manipulation of the argument agent_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ubfbuz3/cve/issues/7 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2064 – projectworlds Life Insurance Management System deletePayment.php sql injection
https://notcve.org/view.php?id=CVE-2025-2064
07 Mar 2025 — A vulnerability, which was classified as critical, has been found in projectworlds Life Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file /deletePayment.php. The manipulation of the argument recipt_no leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ubfbuz3/cve/issues/6 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2063 – projectworlds Life Insurance Management System deleteNominee.php sql injection
https://notcve.org/view.php?id=CVE-2025-2063
07 Mar 2025 — A vulnerability classified as critical was found in projectworlds Life Insurance Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /deleteNominee.php. The manipulation of the argument nominee_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/ubfbuz3/cve/issues/5 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •