Skip to main content

Live Membership System

4 CVEs product

Monthly

CVE-2024-40488 HIGH POC This Week

A Cross-Site Request Forgery (CSRF) vulnerability was found in the Kashipara Live Membership System v1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Live Membership System
NVD GitHub
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-40487 HIGH POC This Week

A Stored Cross Site Scripting (XSS) vulnerability was found in "/view_type.php" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP XSS RCE Live Membership System
NVD GitHub
CVSS 3.1
7.6
EPSS
1.1%
CVE-2024-40486 CRITICAL POC Act Now

A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Live Membership System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-40482 CRITICAL POC Act Now

An Unrestricted file upload vulnerability was found in "/Membership/edit_member.php" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP XSS File Upload Live Membership System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
EPSS 0% CVSS 8.8
HIGH POC This Week

A Cross-Site Request Forgery (CSRF) vulnerability was found in the Kashipara Live Membership System v1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Live Membership System
NVD GitHub
EPSS 1% CVSS 7.6
HIGH POC This Week

A Stored Cross Site Scripting (XSS) vulnerability was found in "/view_type.php" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP XSS +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email or password Login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Live Membership System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An Unrestricted file upload vulnerability was found in "/Membership/edit_member.php" of Kashipara Live Membership System v1.0, which allows attackers to execute arbitrary code via uploading a crafted. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP XSS +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy