1000 Projects Portfolio Management System Mca vulnerabilities
16 known vulnerabilities affecting 1000_projects/portfolio_management_system_mca.
Total CVEs
16
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL14MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-12953P2CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12953 [CRITICAL] CWE-284 CVE-2024-12953: A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Managem
A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0. Affected by this issue is some unknown functionality of the file /update_pd_process.php. The manipulation of the argument profile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed t
nvd
CVE-2024-12954P2CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12954 [CRITICAL] CWE-284 CVE-2024-12954: A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management S
A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management System MCA 1.0. This affects an unknown part of the file /update_ach.php. The manipulation of the argument ach_certy leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be
nvd
CVE-2024-12956P2CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12956 [CRITICAL] CWE-284 CVE-2024-12956: A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as cri
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /add_achievement_details.php. The manipulation of the argument ach_certy leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public a
nvd
CVE-2024-12951P3CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12951 [CRITICAL] CWE-284 CVE-2024-12951: A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System M
A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System MCA 1.0. Affected is an unknown function of the file /add_personal_details.php. The manipulation of the argument profile leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may
nvd
CVE-2024-11256P3CRITICALCVSS 9.8v1.02024-11-15
CVE-2024-11256 [CRITICAL] CWE-74 CVE-2024-11256: A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as cri
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-12959P3CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12959 [CRITICAL] CWE-74 CVE-2024-12959: A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.
A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.0. This vulnerability affects unknown code of the file /update_personal_details.php. The manipulation of the argument q leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-12958P3CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12958 [CRITICAL] CWE-74 CVE-2024-12958: A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System M
A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System MCA 1.0. This affects an unknown part of the file /update_pro_details.php. The manipulation of the argument q leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-11744P3CRITICALCVSS 9.8v1.02024-11-26
CVE-2024-11744 [CRITICAL] CWE-74 CVE-2024-11744: A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified a
A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may
nvd
CVE-2024-11819P3CRITICALCVSS 9.8v1.02024-11-27
CVE-2024-11819 [CRITICAL] CWE-74 CVE-2024-11819: A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.
A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.0. This vulnerability affects unknown code of the file /forgot_password_process.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-12960P3CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12960 [CRITICAL] CWE-74 CVE-2024-12960: A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Managem
A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0. This issue affects some unknown processing of the file /update_edu_details.php. The manipulation of the argument q leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may
nvd
CVE-2024-13003P3CRITICALCVSS 9.8v1.02024-12-29
CVE-2024-13003 [CRITICAL] CWE-74 CVE-2024-13003: A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been rated as
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /update_ed.php. The manipulation of the argument e_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be use
nvd
CVE-2024-12942P3CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12942 [CRITICAL] CWE-74 CVE-2024-12942: A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been classifi
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/admin_login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public
nvd
CVE-2024-12965P3CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12965 [CRITICAL] CWE-74 CVE-2024-12965: A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been declared
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /update_ex_detail.php. The manipulation of the argument q leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-12961P3CRITICALCVSS 9.8v1.02024-12-26
CVE-2024-12961 [CRITICAL] CWE-74 CVE-2024-12961: A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management S
A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management System MCA 1.0. Affected is an unknown function of the file /update_ach_details.php. The manipulation of the argument q leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2026-7143P3MEDIUMCVSS 6.3v1.02026-04-27
CVE-2026-7143 [MEDIUM] CWE-74 CVE-2026-7143: A vulnerability was identified in 1000 Projects Portfolio Management System MCA up to 1.0. This affe
A vulnerability was identified in 1000 Projects Portfolio Management System MCA up to 1.0. This affects an unknown function of the file /admin/block_status.php. The manipulation of the argument q leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
nvd
CVE-2026-7144P4MEDIUMCVSS 4.3v1.02026-04-27
CVE-2026-7144 [MEDIUM] CWE-285 CVE-2026-7144: A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impac
A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown function of the file update_passwd_process.php. The manipulation of the argument temp_user results in authorization bypass. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
nvd