Intern Membership Management System
Monthly
Reflected cross-site scripting (XSS) in Intern Membership Management System 1.0 allows remote attackers to inject malicious scripts via the email parameter in fill_details.php, executable only with user interaction. The vulnerability has a publicly available exploit and affects the error message handler, resulting in integrity impact (CVSS 2.1, EPSS 0.07%). While the attack vector is network-accessible and requires minimal complexity, the low CVSS and EPSS scores reflect the necessity for user interaction and limited technical impact.
A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /student_login.php. The manipulation of the argument user_name/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Reflected cross-site scripting (XSS) in Intern Membership Management System 1.0 allows remote attackers to inject malicious scripts via the email parameter in fill_details.php, executable only with user interaction. The vulnerability has a publicly available exploit and affects the error message handler, resulting in integrity impact (CVSS 2.1, EPSS 0.07%). While the attack vector is network-accessible and requires minimal complexity, the low CVSS and EPSS scores reflect the necessity for user interaction and limited technical impact.
A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /student_login.php. The manipulation of the argument user_name/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.