90 matches found
CVE-2026-36387
A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /addmembers.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE...
CVE-2026-36387
A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /addmembers.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE...
CVE-2026-36387
A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /addmembers.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE...
CVE-2025-70149
CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in printmembershipcard.php via the ID parameter...
CVE-2025-70150
CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in deletemembers.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter...
CVE-2025-70148
Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...
CVE-2025-70149
CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in printmembershipcard.php via the ID parameter...
CVE-2025-70149
CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in printmembershipcard.php via the ID parameter...
CVE-2025-70150
CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in deletemembers.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter...
CVE-2025-70150
CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in deletemembers.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter...
CVE-2025-70148
Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...
CodeAstro Membership Management System 安全漏洞
The CodeAstro Membership Management System is a member management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Membership Management System has a security vulnerability. This vulnerability stems from the lack of validation for the ID parameter in the printmembershipcard.php fil...
CVE-2025-70149
CVE-2025-70149 affects CodeAstro Membership Management System 1.0, with a SQL injection vulnerability in print_membership_card.php via the ID parameter. The issue is documented across multiple sources (NVD/Red Hat/CIRCL/OSV) as a SQL injection affecting this file, but the provided materials do no...
CVE-2025-70150
CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter. The CVE-2025-70150 entry uses a network-exposed, unauthenticated path with high impact to...
CVE-2025-70148
CodeAstro Membership Management System 1.0 is affected by an IDOR vulnerability in print_membership_card.php due to missing authentication/authorization. Unauthenticated attackers can access membership card data of arbitrary users by sending direct requests with a manipulated id parameter. CVSSv3...
CodeAstro Membership Management System 安全漏洞
The CodeAstro Membership Management System is a member management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Membership Management System has security vulnerabilities. These vulnerabilities stem from the lack of authentication and authorization in the printmembershipcard.php...
CVE-2024-2333
A vulnerability classified as critical has been found in CodeAstro Membership Management System 1.0. Affected is an unknown function of the file /addmembers.php. The manipulation of the argument fullname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
EUVD-2025-12556
Malicious code in bioql PyPI...
EUVD-2024-27287
Malicious code in bioql PyPI...
EUVD-2024-17543
Malicious code in bioql PyPI...