PT-2024-21173 · Unknown · Codeastro Membership Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Membership Management System version 1.0 Description: A SQL Injection issue allows a remote attacker to execute arbitrary SQL commands via the membershipType and membershipAmount parameters in the "add type.php" component. This...

PT-2024-21172 · Unknown · Codeastro Membership Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Membership Management System version 1.0 Description: A SQL Injection issue allows a remote attacker to execute arbitrary SQL commands via the email parameter in the "index.php" component. This enables the attacker to manipulate...

PT-2024-21174 · Unknown · Codeastro Membership Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Membership Management System version 1.0 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via the membershipType parameter in the "add type.php" component. This enables the attacker to...

CVE-2024-25867

CodeAstro Membership Management System (PHP v1.0) has a SQL Injection in add_type.php that allows remote SQL execution via membershipType and membershipAmount parameters. Affected component/file: add_type.php in Version 1.0. Underlying cause: improper input handling enabling arbitrary queries. Im...

CVE-2024-25868

CVE-2024-25868 concerns CodeAstro Membership Management System (PHP v1.0). Affected component: add_type.php, specifically the membershipType parameter, exploited via stored XSS to trigger arbitrary code execution. Public references consistently describe a cross-site scripting vulnerability in thi...

CVE-2024-25869

CVE-2024-25869 affects CodeAstro Membership Management System v1.0 (PHP). Affected component is settings.php where an unrestricted file upload allows a remote attacker to upload a crafted PHP file and execute arbitrary code. CVSSv3.1 base score 8.8 (High) with network access, low complexity, and ...

CVE-2024-25869

An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component...

CVE-2024-25868

A Cross Site Scripting XSS vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via the membershipType parameter in the addtype.php component...

CVE-2024-1924

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...

CVE-2024-1924

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...

Sql injection

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...

CVE-2024-1924

CodeAstro Membership Management System 1.0 contains a SQL injection vulnerability in get_membership_amount.php via the membershipTypeId parameter. The flaw allows remote exploitation and has been publicly disclosed. Affected component is reported as an unspecified area within get_membership_amoun...

CVE-2024-1924 CodeAstro Membership Management System get_membership_amount.php sql injection

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...

CVE-2024-1924 CodeAstro Membership Management System get_membership_amount.php sql injection

A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /getmembershipamount.php. The manipulation of the argument membershipTypeId leads to sql injection. It is possible to initiate the attack remotely...

CodeAstro Membership Management System SQL Injection Vulnerability

CodeAstro Membership Management System is a membership management system from CodeAstro. A SQL injection vulnerability exists in CodeAstro Membership Management System version 1.0, which originates from an unknown section in getmembershipmount.php, and can be exploited to perform SQL injection vi...

PT-2024-18426 · Unknown · Codeastro Membership Management System

Name of the Vulnerable Software and Affected Versions: CodeAstro Membership Management System version 1.0 Description: A critical issue has been found in the CodeAstro Membership Management System. The problem affects the /get membership amount.php file, where the manipulation of the...

CVE-2024-1825

A vulnerability, which was classified as problematic, was found in CodeAstro House Rental Management System 1.0. This affects an unknown part of the component User Registration Page. The manipulation of the argument address with the input leads to cross site scripting. It is possible to initiate...

CVE-2024-1825

A vulnerability, which was classified as problematic, was found in CodeAstro House Rental Management System 1.0. This affects an unknown part of the component User Registration Page. The manipulation of the argument address with the input leads to cross site scripting. It is possible to initiate...

Cross site scripting

A vulnerability, which was classified as problematic, was found in CodeAstro House Rental Management System 1.0. This affects an unknown part of the component User Registration Page. The manipulation of the argument address with the input leads to cross site scripting. It is possible to initiate...

CVE-2024-1825

CVE-2024-1825 affects CodeAstro House Rental Management System 1.0, specifically the User Registration Page. The issue is a cross-site scripting (XSS) vulnerability caused by manipulating the address parameter with input like , which can be exploited remotely. The vulnerability is publicly disclo...