19 matches found
CVE-2026-5540
A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...
Weak Password Recovery Mechanism for Forgotten Password
Overview Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the repass function in the file app/frontend/controller/Member.php when handling the forgetcode or vercode arguments. An attacker can reset user passwords without proper...
GHSA-FMR2-M7GC-577W funadmin has Weak Password Recovery Mechanism for Forgotten Password
A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argument forgetcode/vercode results in weak password recovery. Remote exploitation of the attack is...
CVE-2025-13254
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. This vulnerability affects unknown code of the file /addmember.php. Such manipulation of the argument rollnumber leads to sql injection. The attack may be performed from remote. The exploit is publicly availab...
Projectworlds Advanced Library Management System SQL注入漏洞
Projectworlds Advanced Library Management System is an advanced library management system from Projectworlds India. A SQL injection vulnerability exists in Projectworlds Advanced Library Management System version 1.0, which stems from incorrect manipulation of the parameter rollnumber in the file...
EUVD-2025-33813
A security vulnerability has been detected in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/actions/delete-member.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has...
CVE-2025-11591
A security vulnerability has been detected in CodeAstro Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/actions/delete-member.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has...
CVE-2025-11475
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing a manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...
CVE-2025-11475 projectworlds Advanced Library Management System view_member.php sql injection
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing a manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...
EUVD-2025-33174
A vulnerability was determined in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. Executing manipulation of the argument userid can lead to sql injection. The attack can be launched remotely. The exploit has...
Online Discussion Forum edit_member.php File SQL Injection Vulnerability
Online Discussion Forum is an online forum. Online Discussion Forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter ID of the file /admin/editmember.php. An attacker can exploit this vulnerability to...
PT-2025-38239
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Discussion Forum version 1.0 Description: A vulnerability exists in PHPGurukul Online Discussion Forum that may allow remote attackers to inject SQL code. The issue is located in the /admin/edit member.php file, where...
CVE-2025-7187
A vulnerability classified as critical has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /user/fetchmember.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to th...
CVE-2024-6652
A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file managemember.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-4360
A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /viewmember.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The explo...
CodeAstro Membership Management System 跨站脚本漏洞
CodeAstro Membership Management System is a membership management system from CodeAstro, Inc. A security vulnerability exists in CodeAstro Membership Management System version 1.0, which originates from a cross-site scripting vulnerability in the address parameter of addmembers.php and...
PT-2024-39424 · Sourcecodester · Sourcecodester Loan Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Modern Loan Management System version 1.0 Description: A critical issue has been found, allowing for SQL injection through the manipulation of the searchMember argument in the file search member.php. This can be exploited...
Hazelcast Security Breach
Hazelcast Hazelcast IMDG is a set of scalable open source data distribution platform of the U.S. Hazelcast company . The platform supports a variety of distributed data structures, supports distributed caching and other features. A security vulnerability exists in Hazelcast 5.3.4 and earlier...
PT-2023-30855 · Sourcecodester · Sourcecodester Simple Membership System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Membership System version 1.0 Description: A critical issue affects the processing of the file delete member.php. The manipulation of the mem id argument leads to sql injection. The attack may be initiated remotely. The...