Membership Management System
Monthly
Missing authentication in CodeAstro Membership Management System 1.0 delete_members.php allows unauthenticated deletion of member records. PoC available.
Missing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference (IDOR). [CVSS 7.5 HIGH]
SQL injection in CodeAstro Membership Management System 1.0 via ID parameter in print_membership_card.php enables unauthenticated database access. PoC available.
A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Missing authentication in CodeAstro Membership Management System 1.0 delete_members.php allows unauthenticated deletion of member records. PoC available.
Missing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allows unauthenticated attackers to access membership card data of arbitrary users via direct requests with a manipulated id parameter, resulting in insecure direct object reference (IDOR). [CVSS 7.5 HIGH]
SQL injection in CodeAstro Membership Management System 1.0 via ID parameter in print_membership_card.php enables unauthenticated database access. PoC available.
A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.