Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/04/06 5:24 a.m.6 views

CVE-2026-5540

A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS6.9AI score0.00274EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/22 12:31 a.m.4 views

Weak Password Recovery Mechanism for Forgotten Password

Overview Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the repass function in the file app/frontend/controller/Member.php when handling the forgetcode or vercode arguments. An attacker can reset user passwords without proper...

8.1CVSS6AI score0.00392EPSS
Exploits1References2
OSV
OSV
added 2026/02/22 12:31 a.m.7 views

GHSA-FMR2-M7GC-577W funadmin has Weak Password Recovery Mechanism for Forgotten Password

A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argument forgetcode/vercode results in weak password recovery. Remote exploitation of the attack is...

6.3CVSS4.7AI score0.00392EPSS
Exploits1References6
NVD
NVD
added 2025/11/17 1:15 a.m.4 views

CVE-2025-13254

A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...

8.8CVSS0.00313EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/17 12:0 a.m.5 views

Projectworlds Advanced Library Management System SQL注入漏洞

Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in Projectworlds Advanced Library Management System version 1.0, which stems from incorrect manipulation of the parameter rollnumber in the file...

8.8CVSS7AI score0.00313EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/11 6:30 a.m.5 views

EUVD-2025-33813

A security vulnerability has been detected in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/actions/delete-member.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has...

6.5CVSS6.6AI score0.00311EPSS
Exploits1References6
NVD
NVD
added 2025/10/11 5:15 a.m.7 views

CVE-2025-11591

A security vulnerability has been detected in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/actions/delete-member.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has...

8.8CVSS0.00311EPSS
Exploits1References5
OSV
OSV
added 2025/10/08 1:15 p.m.4 views

CVE-2025-11475

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing a manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...

9.8CVSS5.8AI score0.00387EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/08 1:2 p.m.2 views

CVE-2025-11475 projectworlds Advanced Library Management System view_member.php sql injection

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing a manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...

7.5CVSS7.2AI score0.00387EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/08 1:2 p.m.5 views

EUVD-2025-33174

A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...

7.5CVSS6.6AI score0.00387EPSS
Exploits1References5
CNVD
CNVD
added 2025/09/19 12:0 a.m.2 views

Online Discussion Forum edit_member.php File SQL Injection Vulnerability

Online Discussion Forum is an online forum. Online Discussion Forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /admin/editmember.php. An attacker can exploit this vulnerability to...

9.8CVSS7.9AI score0.00384EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.5 views

PT-2025-38239

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Discussion Forum version 1.0 Description: A vulnerability exists in PHPGurukul Online Discussion Forum that may allow remote attackers to inject SQL code. The issue is located in the /admin/edit member.php file, where...

9.8CVSS7.5AI score0.00384EPSS
Exploits1References8
OSV
OSV
added 2025/07/08 5:16 p.m.7 views

CVE-2025-7187

A vulnerability classified as critical has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /user/fetchmember.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to th...

8.8CVSS5.8AI score0.00381EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 8:14 a.m.4 views

CVE-2024-6652

A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file managemember.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

8.8CVSS8AI score0.00619EPSS
Exploits1References1
OSV
OSV
added 2025/05/06 3:16 p.m.6 views

CVE-2025-4360

A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The explo...

9.8CVSS5.8AI score0.00438EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/10/21 12:0 a.m.3 views

CodeAstro Membership Management System 跨站脚本漏洞

CodeAstro Membership Management System is a membership management system from CodeAstro, Inc. A security vulnerability exists in CodeAstro Membership Management System version 1.0, which originates from a cross-site scripting vulnerability in the address parameter of addmembers.php and...

5.4CVSS6.2AI score0.00272EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/09/22 12:0 a.m.5 views

PT-2024-39424 · Sourcecodester · Sourcecodester Loan Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Modern Loan Management System version 1.0 Description: A critical issue has been found, allowing for SQL injection through the manipulation of the searchMember argument in the file search member.php. This can be exploited...

9.8CVSS8.1AI score0.00572EPSS
Exploits1References11
CNNVD
CNNVD
added 2024/02/16 12:0 a.m.7 views

Hazelcast Security Breach

Hazelcast Hazelcast IMDG is a set of scalable open source data distribution platform of the U.S. Hazelcast company . The platform supports a variety of distributed data structures, supports distributed caching and other features. A security vulnerability exists in Hazelcast 5.3.4 and earlier...

6.5CVSS6.6AI score0.00528EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/09/09 12:0 a.m.6 views

PT-2023-30855 · Sourcecodester · Sourcecodester Simple Membership System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Membership System version 1.0 Description: A critical issue affects the processing of the file delete member.php. The manipulation of the mem id argument leads to sql injection. The attack may be initiated remotely. The...

7.5CVSS7.8AI score0.00533EPSS
Exploits1References9
Rows per page
Query Builder