CVE-2024-46472

HIGH

CodeAstro Membership Management System 1.0 - SQL Injection via Login Page Email Parameter

Title source: llm
STIX 2.1

Description

CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection via the parameter 'email' in the Login Page.

Scores

CVSS v3 8.6
EPSS 0.0043
EPSS Percentile 34.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
codeastro/membership_management_system 1.0
Published Sep 27, 2024
Tracked Since Feb 18, 2026