The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes the structure and contents of directories, potentially revealing sensitive information.
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the address parameter in add_members.php and edit_member.php.
CodeAstro MembershipM-PHP (aka Membership Management System in PHP) 1.0 allows add_members.php fullname stored XSS.
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the membershipType parameter in edit_type.php
A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads.
Cross Site Scripting vulnerability in CodeAstro Membership Management System 1.0 allows attackers to run malicious JavaScript via the membership_type field in the edit-type.php component.
A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets.
A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add_members.php. This vulnerability affects the file upload functionality, where improper file saniti
A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/Add_Projects of the component Projects Management Page. The ma
A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /users/user-cvs/. The manipulation leads to file a
The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdk_public_action AJAX handler. This makes it possible for
A vulnerability has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /submitproperty.php. The manipulation leads to unrestricted upload. The attac
A Directory Listing Vulnerability was found in the /osms/Requester/ directory of the Kashipara Online Service Management Portal V1.0.
A vulnerability classified as problematic was found in CodeAstro Real Estate Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /aboutedit.php of the compone
An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file an
The Order Attachments for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.1 via the 'uploads' directory. This makes it possib
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4. This makes it possible for attackers with contributor access o
The WordPress File Upload plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.24.7 via the 'uploadpath' parameter of the wordpress_file_upload shortcode.
The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.1 through publicly exposed log file
A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file profile.php of the componen
Page 1+ Next →