Lucene search
K

19 matches found

Cvelist
Cvelist
added 2026/04/08 6:43 a.m.23 views

CVE-2026-4871 Sports Club Management <= 1.12.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'before' Attribute

The Sports Club Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'before' and 'after' attributes of the scmmemberdata shortcode in all versions up to, and including, 1.12.9 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00181EPSS
Exploits0References3
CVE
CVE
added 2026/04/08 6:43 a.m.35 views

CVE-2026-4871

The Sports Club Management WordPress plugin (affected: versions up to and including 1.12.9) is vulnerable to Stored Cross-Site Scripting via the scm_member_data shortcode’s before/after attributes. Root cause: insufficient input sanitization and output escaping, enabling authenticated attackers w...

6.4CVSS6.1AI score0.00181EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/04/08 1:54 a.m.5 views

WordPress Sports Club Management plugin <= 1.12.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'before' Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'before' Attribute vulnerability discovered by zaim in WordPress Plugin Sports Club Management versions = 1.12.9...

6.4CVSS5.9AI score0.00181EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.10 views

WordPress plugin Sports Club Management 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.7AI score0.00181EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/26 4:56 p.m.8 views

CVE-2025-13422

A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/changespwd.php. Performing manipulation of the argument loginid results in sql injection. The attack may be initiated remotely. The exploit...

9.8CVSS7AI score0.00394EPSS
Exploits1References1
OSV
OSV
added 2025/11/20 12:15 a.m.2 views

CVE-2025-13422

A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/changespwd.php. Performing manipulation of the argument loginid results in sql injection. The attack may be initiated remotely. The exploit...

9.8CVSS5.8AI score0.00394EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/20 12:0 a.m.5 views

Sports Club Management System in php SQL注入漏洞

Sports Club Management System in php is a sports club management system by Darkseid Personal Developer. A SQL injection vulnerability exists in Sports Club Management System in php version 1.0, which stems from an incorrect manipulation of the parameter loginid in the file...

9.8CVSS7.7AI score0.00394EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/11/19 11:32 p.m.4 views

CVE-2025-13422 freeprojectscodes Sports Club Management System change_s_pwd.php sql injection

A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/changespwd.php. Performing manipulation of the argument loginid results in sql injection. The attack may be initiated remotely. The exploit...

7.5CVSS7.3AI score0.00394EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/11/19 11:32 p.m.15 views

CVE-2025-13422 freeprojectscodes Sports Club Management System change_s_pwd.php sql injection

A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected element is an unknown function of the file /dashboard/admin/changespwd.php. Performing manipulation of the argument loginid results in sql injection. The attack may be initiated remotely. The exploit...

7.5CVSS0.00394EPSS
Exploits1References4
CVE
CVE
added 2025/11/19 11:32 p.m.20 views

CVE-2025-13422

CVE-2025-13422 affects freeprojectscodes Sports Club Management System 1.0. The vulnerable element is an unknown function in /dashboard/admin/change_s_pwd.php where manipulating the login_id parameter triggers SQL injection. The vulnerability is remotely exploitable and the exploit is public. Doc...

9.8CVSS6.8AI score0.00394EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.8 views

PT-2025-47540

Name of the Vulnerable Software and Affected Versions freeprojectscodes Sports Club Management System version 1.0 Description A flaw exists in freeprojectscodes Sports Club Management System 1.0 that allows for SQL injection. The issue is located in an unknown function within the...

7.5CVSS7.5AI score0.00394EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-51395

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00481EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.7 views

PT-2025-35154

Name of the Vulnerable Software and Affected Versions: itsourcecode Sports Management System version 1.0 Description: A SQL injection issue exists due to the manipulation of the User argument in the file /login.php. This can be initiated remotely. The exploit has been publicly disclosed...

9.8CVSS7.4AI score0.00387EPSS
Exploits1References11
NVD
NVD
added 2022/11/16 8:15 a.m.17 views

CVE-2022-4015

A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/makepayments.php. The manipulation of the argument mid/plan leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

9.8CVSS0.00481EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/11/16 8:15 a.m.6 views

CVE-2022-4015

A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/makepayments.php. The manipulation of the argument mid/plan leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

9.8CVSS8AI score0.00481EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/11/16 8:15 a.m.21 views

Sql injection

A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/makepayments.php. The manipulation of the argument mid/plan leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

7.5CVSS9.7AI score0.00481EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/11/16 12:0 a.m.22 views

CVE-2022-4015 Sports Club Management System make_payments.php sql injection

A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/makepayments.php. The manipulation of the argument mid/plan leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

4.7CVSS10AI score0.00481EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/11/16 12:0 a.m.2 views

Sports-Club-Management-System 安全漏洞

Sports-Club-Management-System is a sports club management system by Shreyansh Gupta, an individual developer. A security vulnerability exists in Sports-Club-Management-System, which stems from an affected unknown section of the file admin/makepayments.php, where manipulation of the parameter...

9.8CVSS8.1AI score0.00481EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/11/16 12:0 a.m.4 views

PT-2022-25246 · Unknown · Sports Club Management System

Name of the Vulnerable Software and Affected Versions: Sports Club Management System version 119 Description: A critical issue was found in the Sports Club Management System, affecting the file admin/make payments.php. The manipulation of the m id/plan argument leads to SQL injection. It is...

9.8CVSS9.8AI score0.00481EPSS
Exploits1References4
Rows per page
Query Builder