CVE-2026-36387

CVE-2026-36387 affects CODEASTRO Membership Management System v1.0, specifically the /add_members.php file. The issue arises in the file upload functionality due to improper sanitization, allowing injection of malicious files that can lead to Remote Code Execution (RCE). The available documents c...

PT-2026-38449

A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add members.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE...

Incorrect Authorization

Overview github.com/mattermost/mattermost/server/v8/channels/api4 is a platform for secure collaboration across the entire software development lifecycle Affected versions of this package are vulnerable to Incorrect Authorization via the /api/v4/channels/channelid/members endpoint. An attacker ca...

CVE-2025-7930

A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /members/addmembers.php. The manipulation of the argument mobile leads to sql injection. The attack can be launched...

Code-Projects Church Donation System 注入漏洞

Code-Projects Church Donation System is Code-Projects open source a church donation system. An injection vulnerability exists in Code-Projects Church Donation System version 1.0, which originates from a SQL injection attack due to a misbehavior of the parameter mobile in the file...

CVE-2024-1819

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. It is possible to initiate the attack remotely. T...

CVE-2024-46236

CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting XSS via the address parameter in addmembers.php and editmember.php...

CodeAstro Membership Management System 跨站脚本漏洞

CodeAstro Membership Management System is a membership management system from CodeAstro, Inc. A security vulnerability exists in CodeAstro Membership Management System version 1.0, which originates from a cross-site scripting vulnerability in the address parameter of addmembers.php and...

CVE-2024-45528

CodeAstro MembershipM-PHP aka Membership Management System in PHP 1.0 allows addmembers.php fullname stored XSS...

GHSA-W67V-PH4X-F48Q Mattermost Server Improper Access Control

Improper Access Control in Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 lacked proper access control in the /api/v4/users/me/teams endpoint allowing a team admin to get the invite ID of their team, thus allowing them to invite users,...

CVE-2024-2333

A vulnerability classified as critical has been found in CodeAstro Membership Management System 1.0. Affected is an unknown function of the file /addmembers.php. The manipulation of the argument fullname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

PT-2024-19811 · Unknown · Codeastro Membership Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Membership Management System version 1.0 Description: A critical issue has been found in the CodeAstro Membership Management System. The problem is related to an unknown function in the file /add members.php, where the manipulation ...

CVE-2024-1819

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. It is possible to initiate the attack remotely. T...

CVE-2024-1819

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. It is possible to initiate the attack remotely. T...

Design/Logic Flaw

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. It is possible to initiate the attack remotely. T...

CVE-2024-1819 CodeAstro Membership Management System Add Members Tab unrestricted upload

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. It is possible to initiate the attack remotely. T...

PT-2024-18334 · Unknown · Codeastro Membership Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Membership Management System version 1.0 Description: A critical issue affects the Add Members Tab component, where the manipulation of the Member Photo argument leads to unrestricted upload. This can be initiated remotely. The issu...

UBUNTU-CVE-2023-4822

Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor...

Cross-Site Request Forgery (CSRF)

github.com/usememos/memos is vulnerable to cross-site request forgery. An attacker is able to add new members with any role, via the user API, which allows the attacker to takeover memos application with HOST role...

iCMS 跨站请求伪造漏洞

iCMS is an application. An efficient and simple content management system built with PHP and MySQL. iCMS version 7.0.15 has a security vulnerability that allows attackers to perform CSRF attacks via "/admincp.php?app=members&do=add"...