Intern Membership Management System
Monthly
Intern Membership Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 4.7).
SQL injection in the Intern Membership Management System 1.0 add_activity.php file allows authenticated administrators to manipulate the Title parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables an authenticated attacker with high privileges to compromise data confidentiality and integrity.
SQL injection in the Intern Membership Management System 1.0 admin deletion function allows authenticated attackers with high privileges to manipulate the admin_id parameter and execute arbitrary database queries remotely. Public exploit code is available for this vulnerability, which affects PHP-based deployments. The vulnerability enables unauthorized data access, modification, and potential denial of service with no patch currently available.
SQL injection in the admin panel of code-projects Intern Membership Management System 1.0 allows authenticated attackers with high privileges to manipulate the Username parameter in /intern/admin/add_admin.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations should restrict administrative access and consider implementing input validation controls or upgrading to a patched version when available.
Intern Membership Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).
SQL injection in the Intern Membership Management System 1.0 admin panel allows authenticated attackers with high privileges to manipulate the activity_id parameter in edit_activity.php, potentially leading to unauthorized data access, modification, or deletion. Public exploit code exists for this vulnerability, though no patch is currently available.
SQL injection in the Intern Membership Management System 1.0 admin panel allows authenticated attackers with high privileges to manipulate the admin_id parameter in /intern/admin/edit_students.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, enabling attackers to read, modify, or delete sensitive data. No patch is currently available to remediate this issue.
SQL injection in the Intern Membership Management System 1.0 admin panel allows remote attackers with high privileges to manipulate the admin_id parameter in /intern/admin/edit_admin.php, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available.
A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Intern Membership Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 4.7).
SQL injection in the Intern Membership Management System 1.0 add_activity.php file allows authenticated administrators to manipulate the Title parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables an authenticated attacker with high privileges to compromise data confidentiality and integrity.
SQL injection in the Intern Membership Management System 1.0 admin deletion function allows authenticated attackers with high privileges to manipulate the admin_id parameter and execute arbitrary database queries remotely. Public exploit code is available for this vulnerability, which affects PHP-based deployments. The vulnerability enables unauthorized data access, modification, and potential denial of service with no patch currently available.
SQL injection in the admin panel of code-projects Intern Membership Management System 1.0 allows authenticated attackers with high privileges to manipulate the Username parameter in /intern/admin/add_admin.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, and no patch is currently available. Affected organizations should restrict administrative access and consider implementing input validation controls or upgrading to a patched version when available.
Intern Membership Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 7.3).
SQL injection in the Intern Membership Management System 1.0 admin panel allows authenticated attackers with high privileges to manipulate the activity_id parameter in edit_activity.php, potentially leading to unauthorized data access, modification, or deletion. Public exploit code exists for this vulnerability, though no patch is currently available.
SQL injection in the Intern Membership Management System 1.0 admin panel allows authenticated attackers with high privileges to manipulate the admin_id parameter in /intern/admin/edit_students.php and execute arbitrary database queries. Public exploit code exists for this vulnerability, enabling attackers to read, modify, or delete sensitive data. No patch is currently available to remediate this issue.
SQL injection in the Intern Membership Management System 1.0 admin panel allows remote attackers with high privileges to manipulate the admin_id parameter in /intern/admin/edit_admin.php, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available.
A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.