5 matches found
CVE-2023-4844
CVE-2023-4844 affects SourceCodester Simple Membership System 1.0 via an SQL injection in the file club_edit_query.php caused by unsanitized club_id input. The issue can be exploited remotely and exploits have been publicly disclosed. Root cause: inadequate input validation for club_id. Impact: d...
CVE-2023-4846
CVE-2023-4846 affects SourceCodester Simple Membership System 1.0. The vulnerability is a SQL injection in the file delete_member.php, caused by manipulating the mem_id argument. It can be exploited remotely and has been publicly disclosed. Multiple sources describe this as a critical issue with ...
CVE-2023-5260
The CVE-2023-5260 issue affects SourceCodester Simple Membership System 1.0, specifically the group_validator.php file where manipulating the club_id argument causes SQL injection. Documents indicate the attack can be initiated remotely and that exploits have been publicly disclosed. Connected so...
CVE-2023-5027
CVE-2023-5027 affects SourceCodester Simple Membership System 1.0, due to an SQL injection in the club_validator.php file when manipulating the club parameter. The vulnerability allows remote exploitation and has had exploits publicly disclosed. All sources consistently describe it as a SQL injec...
CVE-2023-4845
SourceCodester Simple Membership System 1.0 contains a SQL injection in account_edit_query.php via the admin_id parameter. Exploitation can be remote and public disclosures exist (CVE-2023-4845, VDB-239254). Root cause is unsafe handling of input in account_edit_query.php; impact details are prov...