Simple Membership System is a simple membership system. A SQL injection vulnerability exists in Simple Membership System v1.0, which stems from the lack of validation of the club_id parameter of the file club_edit_query.php against an externally entered SQL statement. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
simple membership system simple membership system v | eq | 1.0 |