CVE-2023-24775

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...

Sql injection

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...

CSZ CMS SQL Injection Vulnerability (CNVD-2022-30782)

CSZ CMS is a PHP-based open-source content management system CMS.A SQL injection vulnerability exists in CSZ CMS 1.2.9, which can be exploited by attackers via cszcms/controllers/Member.php...

Home Owners Collection Management System SQL注入漏洞

Home Owners Collection Management System is an owner collection management system. Home Owners Collection Management System contains a SQL injection vulnerability, which originates from the id parameter in the member view member.php, which is found in Home Owners Collection Management System v1.0...

CVE-2021-46377

There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.phpviewUser...

CVE-2021-46377

There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member.phpviewUser...

CVE-2012-6666

vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter...

Design/Logic Flaw

vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter...

CVE-2012-6666

CVE-2012-6666 affects vBSeo prior to 3.6.0PL2. The issue is a reflected XSS vulnerability exploitable via the member.php u parameter. The provided documents do not specify affected platforms beyond the product/version and do not include exploit code or remediation details. No additional impact or...

CVE-2012-6666

vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter...

Design/Logic Flaw

SeaCMS 7.2 mishandles member.php?mod=repsw4 requests...

CVE-2019-8418

SeaCMS 7.2 mishandles member.php?mod=repsw4 requests...

CVE-2019-8418

CVE-2019-8418 affects SeaCMS 7.2 and is triggered by mishandling requests to member.php?mod=repsw4. The NVD record lists CVSS v3 as 8.8 (HIGH) with network attack, low complexity, and privileges required as LOW; impacts are HIGH for confidentiality, integrity, and availability. The description al...

CVE-2019-8418

SeaCMS 7.2 mishandles member.php?mod=repsw4 requests...

CVE-2018-19350

In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit email parameter during a password change, as demonstrated by a data: URL in an OBJECT element...

Cross site scripting

In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit email parameter during a password change, as demonstrated by a data: URL in an OBJECT element...

CVE-2018-19350

SeaCMS v6.6.4 is vulnerable to a stored XSS via the email parameter in member.php?action=chgpwdsubmit during password changes. The issue is demonstrated by a data: URL inside an OBJECT element. Confirmed by multiple sources (NVD entry CVE-2018-19350 and CNVD/CVEs referencing SeaCMS 6.6.4). The vu...

Design/Logic Flaw

PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header,...

CVE-2018-17130

PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header,...

radiodauerbrenner.at XSS vulnerability

Open Bug Bounty ID: OBB-627788 Description| Value ---|--- Affected Website:| radiodauerbrenner.at Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...