Advanced Login

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2022-50940	Msxstudios Advanced Login	Med	0.42	6.4	0.00		Feb 1, 2026	Knap Advanced PHP Login 3.1.3 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script code in the name parameter. Attackers can exploit the vulnerability to execute arbitrary scripts in users and activity log backend modules, potentially leading to session hijacking and persistent phishing attacks.
CVE-2007-1766	Msxstudios Advanced Login		0.04	—	0.07		Mar 30, 2007	PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.

CVE-2022-50940MedFeb 1, 2026
Msxstudios
Advanced Login
risk 0.42cvss 6.4epss 0.00
Knap Advanced PHP Login 3.1.3 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script code in the name parameter. Attackers can exploit the vulnerability to execute arbitrary scripts in users and activity log backend modules, potentially leading to session hijacking and persistent phishing attacks.
CVE-2007-1766Mar 30, 2007
Msxstudios
Advanced Login
risk 0.04cvss —epss 0.07
PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.