PT-2026-27199 · Projectworlds · Lawyer Management System

Wangyiqi

Publicado

2026-03-23

Atualizado

2026-03-23

CVE-2026-4596

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions projectworlds Lawyer Management System version 1.0

Description A cross site scripting issue exists in projectworlds Lawyer Management System version 1.0. The issue involves the processing of the /lawyers.php file. Manipulation of the first Name argument can lead to cross site scripting. The attack can be initiated remotely. The exploit is publicly available.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79CWE-94

Identificadores relacionados

CVE-2026-4596

Produtos afetados

Lawyer Management System

PT-2026-27199 · Projectworlds · Lawyer Management System

CVE-2026-4596

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6