Lopalopa Live Membership System — known CVE vulnerabilities
Every CVE whose affected-product data names Lopalopa Live Membership System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-40482 — CVSS 9.8 (critical): An Unrestricted file upload vulnerability was found in "/Membership/edit_member.php" of Kashipara Live Membership System v1.0, which allows…
CVE-2024-40486 — CVSS 9.8 (critical): A SQL injection vulnerability in "/index.php" of Kashipara Live Membership System v1.0 allows remote attackers to execute arbitrary SQL…
CVE-2024-40488 — CVSS 8.8 (high): A Cross-Site Request Forgery (CSRF) vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker…
CVE-2024-40487 — CVSS 7.6 (high): A Stored Cross Site Scripting (XSS) vulnerability was found in "/view_type.php" of Kashipara Live Membership System v1.0, which allows…