Vulnerabilities > PY Membres

DATE CVE VULNERABILITY TITLE RISK
2003-10-20 CVE-2003-0751 SQL-Injection vulnerability in Py-Membres 4.0/4.1/4.2
SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter.
network
low complexity
py-membres
7.5
2003-10-20 CVE-2003-0750 Security Bypass vulnerability in Py-Membres 4.0/4.1/4.2
secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter.
network
low complexity
py-membres
7.5
2002-12-31 CVE-2002-1884 Unspecified vulnerability in Py-Membres 3.1
index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin".
network
low complexity
py-membres
7.5