Lucene search
K

26 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:32 a.m.7 views

CVE-2024-40486

A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login parameters...

9.8CVSS9AI score0.01016EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:31 a.m.6 views

CVE-2024-40482

An Unrestricted file upload vulnerability was found in "/Membership/editmember.php" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted PHP file...

9.8CVSS9.7AI score0.01202EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:38 a.m.10 views

CVE-2024-40488

A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...

8.8CVSS6.7AI score0.00315EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:38 a.m.7 views

CVE-2024-40487

A Stored Cross Site Scripting XSS vulnerability was found in "/viewtype.php" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType parameter...

7.6CVSS6.4AI score0.01111EPSS
Exploits1References1
OSV
OSV
added 2024/08/12 1:38 p.m.2 views

CVE-2024-40486

A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login parameters...

9.8CVSS6.1AI score0.01016EPSS
Exploits1References2
OSV
OSV
added 2024/08/12 1:38 p.m.3 views

CVE-2024-40487

A Stored Cross Site Scripting XSS vulnerability was found in "/viewtype.php" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType parameter...

7.6CVSS6.1AI score0.01111EPSS
Exploits1References2
NVD
NVD
added 2024/08/12 1:38 p.m.12 views

CVE-2024-40486

A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login parameters...

9.8CVSS0.01016EPSS
Exploits1References2
NVD
NVD
added 2024/08/12 1:38 p.m.12 views

CVE-2024-40488

A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...

8.8CVSS0.00315EPSS
Exploits1References2
OSV
OSV
added 2024/08/12 1:38 p.m.2 views

CVE-2024-40482

An Unrestricted file upload vulnerability was found in "/Membership/editmember.php" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted PHP file...

9.8CVSS6AI score0.01202EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.3 views

Live Membership System 安全漏洞

Live Membership System is a live membership system by rashmi mishra individual developer. A security vulnerability exists in Live Membership System v1.0, which stems from a stored cross-site scripting XSS vulnerability found in /viewtype.php...

7.6CVSS5.6AI score0.01111EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.4 views

Kashipara Live Membership System 安全漏洞

Kashipara Live Membership System is a live membership system from Kashipara Inc. A security vulnerability exists in Kashipara Live Membership System version v1.0, which originates from a SQL injection vulnerability in /index.php...

9.8CVSS7.9AI score0.01016EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.4 views

Live Membership System 安全漏洞

Live Membership System is a live membership system by rashmi mishra individual developer. A security vulnerability exists in Live Membership System version v1.0, which stems from an unrestricted file upload vulnerability found in /Membership/editmember.php...

9.8CVSS6.9AI score0.01202EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/08/12 12:0 a.m.5 views

Live Membership System 安全漏洞

Live Membership System is a live membership system by rashmi mishra individual developer. A security vulnerability exists in Live Membership System v1.0, which stems from a cross-site request forgery CSRF vulnerability found in /deletemembers.php...

8.8CVSS6.7AI score0.00315EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/08/08 12:0 a.m.4 views

PT-2024-28872 · Unknown · Kashipara Live Membership System

Name of the Vulnerable Software and Affected Versions: Kashipara Live Membership System version 1.0 Description: A Stored Cross Site Scripting XSS issue was found in the "/view type.php" endpoint, which allows remote attackers to execute arbitrary code via the membershipType parameter...

7.6CVSS6.4AI score0.01111EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/08/08 12:0 a.m.4 views

PT-2024-28871 · Unknown · Kashipara Live Membership System

Name of the Vulnerable Software and Affected Versions: Kashipara Live Membership System version 1.0 Description: A SQL injection vulnerability in the "/index.php" page of Kashipara Live Membership System allows remote attackers to execute arbitrary SQL commands and bypass login via the email or...

9.8CVSS8.1AI score0.01016EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2024/08/08 12:0 a.m.16 views

CVE-2024-40488

A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...

6.7AI score0.00315EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/08/08 12:0 a.m.11 views

CVE-2024-40482

An Unrestricted file upload vulnerability was found in "/Membership/editmember.php" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted PHP file...

7.8AI score0.01202EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/08/08 12:0 a.m.5 views

PT-2024-28869 · Unknown · Kashipara Live Membership System

Name of the Vulnerable Software and Affected Versions: Kashipara Live Membership System version 1.0 Description: An Unrestricted file upload vulnerability was found in "/Membership/edit member.php" of Kashipara Live Membership System, which allows attackers to execute arbitrary code via uploading...

9.8CVSS7.3AI score0.01202EPSS
Exploits1References6
Cvelist
Cvelist
added 2024/08/08 12:0 a.m.12 views

CVE-2024-40487

A Stored Cross Site Scripting XSS vulnerability was found in "/viewtype.php" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType parameter...

0.01111EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/08/08 12:0 a.m.16 views

CVE-2024-40486

A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login parameters...

0.01016EPSS
Exploits1References2
Rows per page
Query Builder