3 matches found
CVE-2017-10898
SQL injection vulnerability in the A-Member and A-Member for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors...
CVE-2017-10898
CVE-2017-10898 describes a SQL injection in Movable Type plugins A-Member and A-Member for MT cloud, affected through versions 3.8.6 and earlier. The root cause is a vulnerability in processing cookie values (CWE-89). Impact per sources: an attacker who can access pages using these plugins may ob...
JVN#78501037: Movable Type plugin A-Member and A-Reserve vulnerable to SQL injection
A-Member and A-Reserve provided by ARK-Web co., ltd. are plugins for Movable Type which provide functions to build a membership website or a reservation website. A-Member and A-Reserve contain SQL injection CWE-89 vulnerability due to the issue in processing cookie values. Impact An attacker who...