16 matches found
EUVD-2025-7858
Malicious code in bioql PyPI...
CVE-2025-10662
CVE-2025-10662 affects SeaCMS up to version 13.3. The vulnerability is a SQL injection in the parameter ID manipulated in the file /admin_members.php?ac=editsave, allowing remote exploitation. The vulnerability is reported to be exploitable because the ID argument is unsafely handled, with public...
CVE-2025-8167
A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/editmembers.php. The manipulation of the argument fname leads to cross site scripting. The attack can be launch...
CVE-2025-28901
Cross-Site Request Forgery CSRF vulnerability in Naren Members page only for logged in users members-page-only-for-logged-in-users allows Stored XSS.This issue affects Members page only for logged in users: from n/a through = 1.4.2...
WordPress Members page only for logged in users plugin <= 1.4.2 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Members page only for logged in users versions = 1.4.2...
CVE-2025-28901
Cross-Site Request Forgery CSRF vulnerability in Naren Members page only for logged in users members-page-only-for-logged-in-users allows Stored XSS.This issue affects Members page only for logged in users: from n/a through = 1.4.2...
CVE-2025-28901 WordPress Members page only for logged in users plugin <= 1.4.2 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Naren Members page only for logged in users members-page-only-for-logged-in-users allows Stored XSS.This issue affects Members page only for logged in users: from n/a through = 1.4.2...
CVE-2025-28901
CVE-2025-28901 describes a CSRF to Stored XSS vulnerability in the WordPress plugin version 1.4.2 and earlier of the Members page (logged-in users). Exploitation context is a CSRF on the Members page that can lead to stored XSS within the application for authenticated users. The CVSS 3.1 base sco...
WordPress plugin Members page only for logged in users 跨站请求伪造漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Members page only for logged in...
CVE-2024-46236
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting XSS via the address parameter in addmembers.php and editmember.php...
CVE-2024-45528
CodeAstro MembershipM-PHP aka Membership Management System in PHP 1.0 allows addmembers.php fullname stored XSS...
CVE-2024-40488
A Cross-Site Request Forgery CSRF vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /deletemembers.php...
Sql injection
Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/editmembers.php...
CVE-2022-45328
Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/editmembers.php...
Church Management System SQL注入漏洞
Church Management System is a church management system. A security vulnerability exists in Church Management System v1.0, which stems from the id parameter of its /admin/editmembers.php component that allows an attacker to implement SQL injection...
tnaflix.com XSS vulnerability
Vulnerable URL: https://www.tnaflix.com/members.php?country=="...