MidnightBSD

Advisories for py-membres

CVE-2002-1884 HIGH

index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin".

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
py-membres py-membres 3.1
CVE-2003-0750 HIGH

secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
py-membres py-membres 4.0
py-membres py-membres 4.1
py-membres py-membres 4.2
CVE-2003-0751 HIGH

SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
py-membres py-membres 4.0
py-membres py-membres 4.1
py-membres py-membres 4.2