Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-7858

Malicious code in bioql PyPI...

7.1CVSS9.2AI score0.00139EPSS
Exploits0References1
CVE
CVE
added 2025/09/18 10:32 a.m.21 views

CVE-2025-10662

CVE-2025-10662 affects SeaCMS up to version 13.3. The vulnerability is a SQL injection in the parameter ID manipulated in the file /admin_members.php?ac=editsave, allowing remote exploitation. The vulnerability is reported to be exploitable because the ID argument is unsafely handled, with public...

9.8CVSS5.3AI score0.00381EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/07/25 8:15 p.m.4 views

CVE-2025-8167

A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/editmembers.php. The manipulation of the argument fname leads to cross site scripting. The attack can be launch...

5.4CVSS3.6AI score0.00311EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/03/13 10:7 p.m.8 views

CVE-2025-28901

Cross-Site Request Forgery CSRF vulnerability in Naren Members page only for logged in users members-page-only-for-logged-in-users allows Stored XSS.This issue affects Members page only for logged in users: from n/a through = 1.4.2...

7.1CVSS7.2AI score0.00139EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/11 9:44 p.m.1 views

WordPress Members page only for logged in users plugin <= 1.4.2 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Members page only for logged in users versions = 1.4.2...

7.1CVSS8.1AI score0.00139EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/11 9:15 p.m.5 views

CVE-2025-28901

Cross-Site Request Forgery CSRF vulnerability in Naren Members page only for logged in users members-page-only-for-logged-in-users allows Stored XSS.This issue affects Members page only for logged in users: from n/a through = 1.4.2...

7.1CVSS0.00139EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/11 9:0 p.m.5 views

CVE-2025-28901 WordPress Members page only for logged in users plugin <= 1.4.2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Naren Members page only for logged in users members-page-only-for-logged-in-users allows Stored XSS.This issue affects Members page only for logged in users: from n/a through = 1.4.2...

7.1CVSS7.2AI score0.00139EPSS
Exploits0References1
CVE
CVE
added 2025/03/11 9:0 p.m.44 views

CVE-2025-28901

CVE-2025-28901 describes a CSRF to Stored XSS vulnerability in the WordPress plugin version 1.4.2 and earlier of the Members page (logged-in users). Exploitation context is a CSRF on the Members page that can lead to stored XSS within the application for authenticated users. The CVSS 3.1 base sco...

7.1CVSS7.2AI score0.00139EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.1 views

WordPress plugin Members page only for logged in users 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Members page only for logged in...

7.1CVSS8.1AI score0.00139EPSS
Exploits0References3
OSV
OSV
added 2024/10/21 7:15 p.m.4 views

CVE-2024-46236

CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting XSS via the address parameter in addmembers.php and editmember.php...

5.4CVSS5.8AI score0.00272EPSS
Exploits1References1
OSV
OSV
added 2024/09/02 5:15 a.m.6 views

CVE-2024-45528

CodeAstro MembershipM-PHP aka Membership Management System in PHP 1.0 allows addmembers.php fullname stored XSS...

5.4CVSS5.8AI score0.00268EPSS
Exploits1References1
OSV
OSV
added 2024/08/12 1:38 p.m.3 views

CVE-2024-40488

A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...

8.8CVSS5.8AI score0.00315EPSS
Exploits1References2
Prion
Prion
added 2022/11/30 3:15 a.m.17 views

Sql injection

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/editmembers.php...

5.8CVSS7.2AI score0.00726EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/11/30 12:0 a.m.17 views

CVE-2022-45328

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/editmembers.php...

7.5AI score0.00726EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/11/30 12:0 a.m.5 views

Church Management System SQL注入漏洞

Church Management System is a church management system. A security vulnerability exists in Church Management System v1.0, which stems from the id parameter of its /admin/editmembers.php component that allows an attacker to implement SQL injection...

7.2CVSS7.2AI score0.00726EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2015/12/01 4:20 p.m.10 views

tnaflix.com XSS vulnerability

Vulnerable URL: https://www.tnaflix.com/members.php?country=="...

6.9AI score
Exploits0
Rows per page
Query Builder