Vendor
Py Membres
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-1067 | 0.03 | — | 0.02 | Mar 23, 2010 | E-membres 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/bdEMembres.mdb. | |||
| CVE-2002-1884 | 0.03 | — | 0.03 | Dec 31, 2002 | index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin". | |||
| CVE-2003-0751 | 0.00 | — | 0.01 | Oct 20, 2003 | SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter. | |||
| CVE-2003-0750 | 0.00 | — | 0.02 | Oct 20, 2003 | secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter. |
- CVE-2010-1067Mar 23, 2010risk 0.03cvss —epss 0.02
E-membres 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/bdEMembres.mdb.
- CVE-2002-1884Dec 31, 2002risk 0.03cvss —epss 0.03
index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin".
- CVE-2003-0751Oct 20, 2003risk 0.00cvss —epss 0.01
SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter.
- CVE-2003-0750Oct 20, 2003risk 0.00cvss —epss 0.02
secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter.