Codeastro Membership Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Codeastro Membership Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2025-70150 — CVSS 9.8 (critical): CodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that allows…
CVE-2025-70149 — CVSS 9.8 (critical): CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in print_membership_card.php via the ID parameter.
CVE-2024-25867 — CVSS 9.1 (critical): A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL…
CVE-2024-25866 — CVSS 8.8 (high): A SQL Injection vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary SQL…
CVE-2024-25869 — CVSS 8.8 (high): An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute…
CVE-2024-46472 — CVSS 8.6 (high): CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection via the parameter 'email' in the Login Page.
CVE-2025-70148 — CVSS 7.5 (high): Missing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allows unauthenticated…
CVE-2024-46471 — CVSS 7.5 (high): The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes the structure and contents of directories…
CVE-2025-3998 — CVSS 7.3 (high): A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of…
CVE-2024-2333 — CVSS 6.3 (medium): A vulnerability classified as critical has been found in CodeAstro Membership Management System 1.0. Affected is an unknown function of the…
CVE-2024-1924 — CVSS 6.3 (medium): A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part…
CVE-2024-46470 — CVSS 6.1 (medium): Cross Site Scripting vulnerability in CodeAstro Membership Management System 1.0 allows attackers to run malicious JavaScript via the…
CVE-2024-25868 — CVSS 6.1 (medium): A Cross Site Scripting (XSS) vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute…
CVE-2024-45528 — CVSS 5.4 (medium): CodeAstro MembershipM-PHP (aka Membership Management System in PHP) 1.0 allows add_members.php fullname stored XSS.
CVE-2024-46236 — CVSS 5.4 (medium): CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the address parameter in add_members.php and…
CVE-2024-48709 — CVSS 5.4 (medium): CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the membershipType parameter in edit_type.php
CVE-2024-1818 — CVSS 4.7 (medium): A vulnerability was found in CodeAstro Membership Management System 1.0 and classified as critical. Affected by this issue is some unknown…
CVE-2024-2149 — CVSS 4.7 (medium): A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of…
CVE-2024-1819 — CVSS 4.7 (medium): A vulnerability was found in CodeAstro Membership Management System 1.0. It has been classified as critical. This affects an unknown part…