26 matches found
CVE-2024-40486
A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login parameters...
CVE-2024-40482
An Unrestricted file upload vulnerability was found in "/Membership/editmember.php" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted PHP file...
CVE-2024-40488
A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...
CVE-2024-40487
A Stored Cross Site Scripting XSS vulnerability was found in "/viewtype.php" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType parameter...
CVE-2024-40487
A Stored Cross Site Scripting XSS vulnerability was found in "/viewtype.php" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType parameter...
CVE-2024-40486
A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login parameters...
CVE-2024-40482
An Unrestricted file upload vulnerability was found in "/Membership/editmember.php" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted PHP file...
CVE-2024-40486
A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login parameters...
CVE-2024-40488
A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...
Live Membership System 安全漏洞
Live Membership System is a live membership system by rashmi mishra individual developer. A security vulnerability exists in Live Membership System version v1.0, which stems from an unrestricted file upload vulnerability found in /Membership/editmember.php...
Live Membership System 安全漏洞
Live Membership System is a live membership system by rashmi mishra individual developer. A security vulnerability exists in Live Membership System v1.0, which stems from a cross-site request forgery CSRF vulnerability found in /deletemembers.php...
Live Membership System 安全漏洞
Live Membership System is a live membership system by rashmi mishra individual developer. A security vulnerability exists in Live Membership System v1.0, which stems from a stored cross-site scripting XSS vulnerability found in /viewtype.php...
Kashipara Live Membership System 安全漏洞
Kashipara Live Membership System is a live membership system from Kashipara Inc. A security vulnerability exists in Kashipara Live Membership System version v1.0, which originates from a SQL injection vulnerability in /index.php...
PT-2024-28871 · Unknown · Kashipara Live Membership System
Name of the Vulnerable Software and Affected Versions: Kashipara Live Membership System version 1.0 Description: A SQL injection vulnerability in the "/index.php" page of Kashipara Live Membership System allows remote attackers to execute arbitrary SQL commands and bypass login via the email or...
CVE-2024-40482
An Unrestricted file upload vulnerability was found in "/Membership/editmember.php" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted PHP file...
CVE-2024-40488
A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...
PT-2024-28873 · Unknown · Kashipara Live Membership System
Name of the Vulnerable Software and Affected Versions: Kashipara Live Membership System version 1.0 Description: A Cross-Site Request Forgery CSRF issue was found in the Kashipara Live Membership System. This could lead to an attacker tricking the administrator into deleting valid member data via...
CVE-2024-40488
CVE-2024-40488 affects the Kashipara Live Membership System v1.0. A CSRF flaw could trick an administrator into deleting valid member data via a crafted request to /delete_members.php. The CVE is rated high (CVSS 3.1: 8.8) with attacker-initial access not requiring privileges and user interaction...
PT-2024-28869 · Unknown · Kashipara Live Membership System
Name of the Vulnerable Software and Affected Versions: Kashipara Live Membership System version 1.0 Description: An Unrestricted file upload vulnerability was found in "/Membership/edit member.php" of Kashipara Live Membership System, which allows attackers to execute arbitrary code via uploading...
CVE-2024-40488
A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...