90 matches found
CVE-2024-2149 CodeAstro Membership Management System settings.php sql injection
A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file settings.php. The manipulation of the argument currency leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...
CVE-2024-2149 CodeAstro Membership Management System settings.php sql injection
A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file settings.php. The manipulation of the argument currency leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...
CVE-2024-25866
A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL commands via the email parameter in the index.php component...
CVE-2024-25869
An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component...
CVE-2024-25866
CVE-2024-25866 concerns CodeAstro Membership Management System (PHP v1.0). Multiple sources describe a SQL Injection vulnerability enabling a remote attacker to execute arbitrary SQL commands via the email parameter in the index.php component. The issue is categorized with high severity (CVSS 3.1...
CodeAstro Membership Management System SQL Injection Vulnerability
CodeAstro Membership Management System is a membership management system from CodeAstro, Inc. A SQL injection vulnerability exists in CodeAstro Membership Management System v.1.0 that could allow a remote attacker to execute arbitrary SQL commands via the email parameter in the index.php componen...
CodeAstro Membership Management System Security Vulnerability
CodeAstro Membership Management System is a membership management system from CodeAstro. A security vulnerability exists in CodeAstro Membership Management System version v.1.0, which stems from a cross-site scripting XSS vulnerability that allows remote attackers to execute arbitrary code via th...
CodeAstro Membership Management System Security Vulnerability
CodeAstro Membership Management System is a membership management system from CodeAstro. A security vulnerability exists in CodeAstro Membership Management System v.1.0, which stems from an unrestricted file upload vulnerability that allows remote attackers to execute arbitrary code via a special...
PT-2024-21173 · Unknown · Codeastro Membership Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Membership Management System version 1.0 Description: A SQL Injection issue allows a remote attacker to execute arbitrary SQL commands via the membershipType and membershipAmount parameters in the "add type.php" component. This...
PT-2024-21172 · Unknown · Codeastro Membership Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Membership Management System version 1.0 Description: A SQL Injection issue allows a remote attacker to execute arbitrary SQL commands via the email parameter in the "index.php" component. This enables the attacker to manipulate...
CVE-2024-25868
A Cross Site Scripting XSS vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via the membershipType parameter in the addtype.php component...
CVE-2024-25868
CVE-2024-25868 concerns CodeAstro Membership Management System (PHP v1.0). Affected component: add_type.php, specifically the membershipType parameter, exploited via stored XSS to trigger arbitrary code execution. Public references consistently describe a cross-site scripting vulnerability in thi...
CVE-2024-25869
CVE-2024-25869 affects CodeAstro Membership Management System v1.0 (PHP). Affected component is settings.php where an unrestricted file upload allows a remote attacker to upload a crafted PHP file and execute arbitrary code. CVSSv3.1 base score 8.8 (High) with network access, low complexity, and ...
CVE-2024-25869
An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component...
CVE-2024-25869
An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component...
CVE-2024-1924
A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...
CVE-2024-1924
A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...
Sql injection
A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...
CVE-2024-1924 CodeAstro Membership Management System get_membership_amount.php sql injection
A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...
CVE-2024-1924
CodeAstro Membership Management System 1.0 contains a SQL injection vulnerability in get_membership_amount.php via the membershipTypeId parameter. The flaw allows remote exploitation and has been publicly disclosed. Affected component is reported as an unspecified area within get_membership_amoun...