CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

57 matches found

NVD•added 2026/02/18 6:24 p.m.•2 views

CVE-2025-70148

Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...

7.5CVSS0.00142EPSS

Exploits1References2

CVE•added 2026/02/18 12:0 a.m.•5 views

CVE-2025-70148

CodeAstro Membership Management System 1.0 is affected by an IDOR vulnerability in print_membership_card.php due to missing authentication/authorization. Unauthenticated attackers can access membership card data of arbitrary users by sending direct requests with a manipulated id parameter. CVSSv3...

7.5CVSS5.7AI score0.00142EPSS

Exploits1References2Affected Software1

CVE•added 2026/02/18 12:0 a.m.•4 views

CVE-2025-70149

Technical details (affected software, vulnerable component, impact, or fix) are not publicly provided in the supplied documents. Monitor for updates.

9.8CVSS6AI score0.00052EPSS

Exploits1References2Affected Software1

RedhatCVE•added 2026/01/07 9:15 a.m.•7 views

CVE-2024-2333

A vulnerability classified as critical has been found in CodeAstro Membership Management System 1.0. Affected is an unknown function of the file /addmembers.php. The manipulation of the argument fullname leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

7.2CVSS7.5AI score0.00079EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-27287

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00079EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-12556

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00173EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-27113

Malicious code in bioql PyPI...

7.2CVSS5AI score0.00069EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-17543

Malicious code in bioql PyPI...

7.2CVSS5AI score0.00054EPSS

Exploits1References3

RedhatCVE•added 2025/05/23 10:36 a.m.•4 views

CVE-2024-46470

Cross Site Scripting vulnerability in CodeAstro Membership Management System 1.0 allows attackers to run malicious JavaScript via the membershiptype field in the edit-type.php component...

6.1CVSS6.5AI score0.00193EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 10:36 a.m.•6 views

CVE-2024-46471

The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes the structure and contents of directories, potentially revealing sensitive information...

7.5CVSS6.9AI score0.0018EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 10:32 a.m.•8 views

CVE-2024-48709

CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting XSS via the membershipType parameter in edittype.php...

5.4CVSS6.1AI score0.00233EPSS

Exploits1

RedhatCVE•added 2025/05/23 9:46 a.m.•4 views

CVE-2024-25868

A Cross Site Scripting XSS vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via the membershipType parameter in the addtype.php component...

6.1CVSS6.5AI score0.00197EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 9:45 a.m.•5 views

CVE-2024-25867

A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL commands via the membershipType and membershipAmount parameters in the addtype.php component...

9.1CVSS8.8AI score0.00126EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 9:41 a.m.•4 views

CVE-2024-1819

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the component Add Members Tab. The manipulation of the argument Member Photo leads to unrestricted upload. It is possible to initiate the attack remotely. T...

7.2CVSS6.9AI score0.00054EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 9:39 a.m.•17 views

CVE-2024-1924

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...

6.5CVSS7.4AI score0.00074EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:8 a.m.•6 views

CVE-2024-2149

A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file settings.php. The manipulation of the argument currency leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...

7.2CVSS7.6AI score0.00069EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:0 a.m.•6 views

CVE-2024-25869

An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component...

8.8CVSS8AI score0.56013EPSS

Exploits1References1

RedhatCVE•added 2025/04/30 3:17 a.m.•18 views

CVE-2025-3998

A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file renew.php?id=6. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to t...

9.8CVSS7.6AI score0.00173EPSS

Exploits1References1

NVD•added 2025/04/28 4:15 a.m.•12 views

CVE-2025-3998

9.8CVSS0.00173EPSS

Exploits1References5