176 matches found
funadmin has Weak Password Recovery Mechanism for Forgotten Password
A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argument forgetcode/vercode results in weak password recovery. Remote exploitation of the attack is...
EUVD-2003-0370
Malware in sbrugna...
EUVD-2005-4194
Malware in sbrugna...
EUVD-2005-4023
Malware in sbrugna...
EUVD-2006-2334
Malware in sbrugna...
EUVD-2012-6510
Malware in sbrugna...
EUVD-2015-2425
Malware in sbrugna...
EUVD-2018-8908
Malware in sbrugna...
EUVD-2007-3435
Malware in sbrugna...
EUVD-2005-1616
Malware in sbrugna...
CVE-2025-5761 PHPGurukul BP Monitoring Management System edit-family-member.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file /edit-family-member.php. The manipulation of the argument memberage leads to sql injection. The attack may be initiated...
CVE-2014-9240
SQL injection vulnerability in member.php in MyBB aka MyBulletinBoard 1.8.x before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the questionid parameter in a doregister action...
PT-2025-19949
Name of the Vulnerable Software and Affected Versions Gym Management System version 1.0 Description A critical issue has been found in the Gym Management System, affecting some unknown functionality of the file /view member.php. The manipulation of the ID argument leads to SQL injection. The atta...
CVE-2024-7161
A vulnerability classified as problematic was found in SeaCMS 13.0. Affected by this vulnerability is an unknown functionality of the file /member.php?action=chgpwdsubmit of the component Password Change Handler. The manipulation of the argument newpwd/newpwd2 leads to cross-site request forgery...
CVE-2023-44484 Online Blood Donation Management System v1.0 - Stored Cross-Site Scripting (XSS)
Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php...
CVE-2023-1948 PHPGurukul BP Monitoring Management System Add New Family Member add-family-member.php cross site scripting
A vulnerability, which was classified as problematic, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file add-family-member.php of the component Add New Family Member Handler. The manipulation of the argument Member Name leads t...
Exploit for SQL Injection in Funadmin
CVE-2023-24775-and-CVE-2023-24780 my python poc 2023-24780 and...
GHSA-V43V-PV95-JC55 SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...
SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...
CVE-2023-24775
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php...