2 matches found
CVE-2024-40487
A Stored Cross Site Scripting XSS vulnerability was found in "/viewtype.php" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType parameter...
CVE-2024-40487
Kashipara Live Membership System v1.0 is affected by a Stored XSS in the /view_type.php endpoint, exploitable via the membershipType parameter to trigger arbitrary code execution. The issue is documented across multiple sources (NVD/Red Hat/CVE lists and security reports) with a CVSSv3.1 base sco...