CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/05/07 12:0 a.m.•11 views

PT-2026-38449

A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add members.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE...

6.5CVSS5.8AI score0.00269EPSS

Exploits0References3

Vulnrichment•added 2026/05/07 12:0 a.m.•10 views

CVE-2026-36387

A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /addmembers.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE...

5.8AI score0.00269EPSS

Exploits0References2

RedhatCVE•added 2026/04/01 5:3 p.m.•3 views

CVE-2026-5198

A vulnerability was determined in code-projects Student Membership System 1.0. The impacted element is an unknown function of the file /admin/index.php of the component Admin Login. This manipulation of the argument username/password causes sql injection. Remote exploitation of the attack is...

7.5CVSS6.8AI score0.00344EPSS

RedhatCVE•added 2026/04/01 10:58 a.m.•2 views

CVE-2026-5195

A flaw has been found in code-projects Student Membership System 1.0. This issue affects some unknown processing of the component User Registration Handler. Executing a manipulation can lead to sql injection. The attack can be launched remotely...

7.5CVSS6.8AI score0.00259EPSS

RedhatCVE•added 2026/04/01 10:58 a.m.•3 views

CVE-2026-5196

A vulnerability has been found in code-projects Student Membership System 1.0. Impacted is an unknown function of the file /deletemember.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

RedhatCVE•added 2026/04/01 10:58 a.m.•3 views

CVE-2026-5197

A vulnerability was found in code-projects Student Membership System 1.0. The affected element is an unknown function of the file /deleteuser.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used...

EUVD•added 2026/03/31 12:31 p.m.•3 views

EUVD-2026-17399

7.5CVSS5.7AI score0.00344EPSS

Exploits0References6

EUVD•added 2026/03/31 12:31 p.m.•2 views

EUVD-2026-17353

6.5CVSS5.8AI score0.00192EPSS

Exploits0References6

NVD•added 2026/03/31 12:16 p.m.•3 views

CVE-2026-5198

7.5CVSS0.00344EPSS

Vulnrichment•added 2026/03/31 11:0 a.m.•1 views

CVE-2026-5198 code-projects Student Membership System Admin Login index.php sql injection

7.5CVSS6.8AI score0.00344EPSS

Cvelist•added 2026/03/31 11:0 a.m.•28 views

CVE-2026-5198 code-projects Student Membership System Admin Login index.php sql injection

7.5CVSS0.00344EPSS

ATTACKERKB•added 2026/03/31 11:0 a.m.•1 views

CVE-2026-5198

7.5CVSS5.7AI score0.00344EPSS

Exploits0References5Affected Software1

CVE•added 2026/03/31 11:0 a.m.•7 views

CVE-2026-5198

CVE-2026-5198 affects code-projects Student Membership System 1.0. The vulnerability lies in the Admin Login component, specifically an unknown function in /admin/index.php that manipulates the username/password parameters to cause SQL injection. Remote exploitation is possible, and the exploit h...

7.5CVSS6.8AI score0.00344EPSS

NVD•added 2026/03/31 10:16 a.m.•3 views

CVE-2026-5197

6.5CVSS0.00192EPSS

CVE•added 2026/03/31 10:0 a.m.•7 views

CVE-2026-5197

The CVE-2026-5197 entry concerns code-projects Student Membership System 1.0. Affected component: an unknown function in /delete_user.php where manipulation of the ID parameter yields an SQL injection. The threat is remote and the exploit is public. No remediation details are provided in the docu...

Vulnrichment•added 2026/03/31 10:0 a.m.•3 views

CVE-2026-5197 code-projects Student Membership System delete_user.php sql injection