Lucene search
+L

7 matches found

ptsecurity
ptsecurity
added 2025/10/11 12:0 a.m.24 views

PT-2025-41638

Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A security issue exists in CodeAstro Gym Management System 1.0. The issue involves the manipulation of the ID argument in the file /admin/actions/delete-member.php, leading to a SQL...

6.5CVSS6.2AI score0.00311EPSS
Exploits1References10
osv
osv
added 2024/08/12 1:38 p.m.3 views

CVE-2024-40488

A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...

8.8CVSS5.8AI score0.00315EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2024/08/08 12:0 a.m.16 views

CVE-2024-40488

A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...

6.7AI score0.00315EPSS
Exploits1References2
prion
prion
added 2012/10/08 6:55 p.m.12 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that 1 add administrator accounts via a membernew action to myadmin/admin1members.php or 2 modify the default site title via a save action...

6.8CVSS7.6AI score0.01118EPSS
Exploits1References5Affected Software1
prion
prion
added 2007/07/10 5:30 p.m.12 views

Sql injection

SQL injection vulnerability in index.php in FlashGameScript 1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a member action...

7.5CVSS9.1AI score0.01241EPSS
Exploits1References7Affected Software1
nvd
nvd
added 2007/07/10 5:30 p.m.12 views

CVE-2007-3646

SQL injection vulnerability in index.php in FlashGameScript 1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a member action...

7.5CVSS8.3AI score0.01241EPSS
Exploits1References7
cvelist
cvelist
added 2007/07/10 5:0 p.m.17 views

CVE-2007-3646

SQL injection vulnerability in index.php in FlashGameScript 1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a member action...

8.3AI score0.01241EPSS
Exploits1References7
Rows per page
Query Builder