PT-2026-21815

A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has been disclosed...

CVE-2025-70149

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in printmembershipcard.php via the ID parameter...

CVE-2025-70150

CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in deletemembers.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter...

CVE-2025-70150

CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in deletemembers.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter...

CVE-2025-70148

Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...

CVE-2025-70149

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in printmembershipcard.php via the ID parameter...

CVE-2025-70149

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in printmembershipcard.php via the ID parameter...

PT-2026-20466

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in print membership card.php via the ID parameter...

CVE-2025-70149

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in printmembershipcard.php via the ID parameter...

CVE-2025-70150

CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in deletemembers.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter...

CVE-2025-70150

CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in deletemembers.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter...

CVE-2025-70149

CVE-2025-70149 affects CodeAstro Membership Management System 1.0, with a SQL injection vulnerability in print_membership_card.php via the ID parameter. The issue is documented across multiple sources (NVD/Red Hat/CIRCL/OSV) as a SQL injection affecting this file, but the provided materials do no...

CVE-2025-70149

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in printmembershipcard.php via the ID parameter...

CVE-2025-70148

Missing authentication and authorization in printmembershipcard.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference...

PT-2026-20465

Name of the Vulnerable Software and Affected Versions CodeAstro Membership Management System version 1.0 Description The application lacks proper authentication and authorization in the print membership card.php file. This allows unauthenticated attackers to access membership card data belonging ...

CVE-2025-70148

CodeAstro Membership Management System 1.0 is affected by an IDOR vulnerability in print_membership_card.php due to missing authentication/authorization. Unauthenticated attackers can access membership card data of arbitrary users by sending direct requests with a manipulated id parameter. CVSSv3...

CVE-2025-70150

CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in deletemembers.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter...

CVE-2025-70149

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in printmembershipcard.php via the ID parameter...

CVE-2025-70150

CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that allows unauthenticated attackers to delete arbitrary member records via the id parameter. The CVE-2025-70150 entry uses a network-exposed, unauthenticated path with high impact to...

CodeAstro Membership Management System 安全漏洞

The CodeAstro Membership Management System is a member management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Membership Management System has security vulnerabilities. These vulnerabilities stem from the lack of authentication and authorization in the printmembershipcard.php...