7 matches found
PT-2025-41638
Name of the Vulnerable Software and Affected Versions CodeAstro Gym Management System version 1.0 Description A security issue exists in CodeAstro Gym Management System 1.0. The issue involves the manipulation of the ID argument in the file /admin/actions/delete-member.php, leading to a SQL...
CVE-2024-40488
A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...
CVE-2024-40488
A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that 1 add administrator accounts via a membernew action to myadmin/admin1members.php or 2 modify the default site title via a save action...
Sql injection
SQL injection vulnerability in index.php in FlashGameScript 1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a member action...
CVE-2007-3646
SQL injection vulnerability in index.php in FlashGameScript 1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a member action...
CVE-2007-3646
SQL injection vulnerability in index.php in FlashGameScript 1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a member action...