Vulnerability Details CVE-2024-40488
A Cross-Site Request Forgery (CSRF) vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker tricking the administrator into deleting valid member data via a crafted HTML page, as demonstrated by a Delete Member action at the /delete_members.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.3%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-40488
-
cpe:2.3:a:lopalopa:live_membership_system:1.0