cbcvebase.

Repute Infosystems Armember vulnerabilities

11 known vulnerabilities affecting repute_infosystems/armember.

Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH5MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2022-46808P3CRITICALCVSS 9.8≥ n/a, ≤ 3.4.112023-11-03
CVE-2022-46808 [CRITICAL] CWE-89 CVE-2022-46808: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11.
nvd
CVE-2023-51356P3HIGHCVSS 8.8≥ n/a, ≤ 4.0.102024-05-17
CVE-2023-51356 [HIGH] CWE-269 CVE-2023-51356: Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalati Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
nvd
CVE-2023-47837P3HIGHCVSS 8.8≥ n/a, ≤ 4.0.102024-06-04
CVE-2023-47837 [HIGH] CWE-269 CVE-2023-47837: Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalati Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
nvd
CVE-2024-30223P3CRITICALCVSS 9.8≥ n/a, ≤ 4.0.262024-03-28
CVE-2024-30223 [CRITICAL] CWE-502 CVE-2024-30223: Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects AR Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
nvd
CVE-2024-30222P3HIGHCVSS 8.8≥ n/a, ≤ 4.0.262024-03-28
CVE-2024-30222 [HIGH] CWE-502 CVE-2024-30222: Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects AR Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
nvd
CVE-2022-47425P3HIGHCVSS 8.8≥ n/a, ≤ 3.4.102025-12-09
CVE-2022-47425 [HIGH] CWE-862 CVE-2022-47425: Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Con Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10.
nvd
CVE-2024-32948P3CRITICALCVSS 9.1≥ n/a, ≤ 4.0.282024-04-24
CVE-2024-32948 [CRITICAL] CWE-862 CVE-2024-32948: Missing Authorization vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from Missing Authorization vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.28.
nvd
CVE-2022-47424P3HIGHCVSS 8.8≥ n/a, ≤ 4.0.52024-11-19
CVE-2022-47424 [HIGH] CWE-352 CVE-2022-47424: Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute InfoSystems A Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute InfoSystems ARMember Premium allows Cross-Site Request Forgery.This issue affects ARMember: from n/a through 4.0.5; ARMember Premium: from n/a before 6.7.1.
nvd
CVE-2022-47140P4MEDIUMCVSS 6.1≥ n/a, ≤ 4.0.12023-06-12
CVE-2022-47140 [MEDIUM] CWE-79 CVE-2022-47140: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember plugin <= Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember plugin <= 4.0.1 versions.
nvd
CVE-2022-47421P4MEDIUMCVSS 4.8≥ n/a, ≤ 4.0.42023-07-18
CVE-2022-47421 [MEDIUM] CWE-79 CVE-2022-47421: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free) Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins.
nvd
CVE-2023-33323P4MEDIUMCVSS 4.8≥ n/a, ≤ 4.0.22023-06-22
CVE-2023-33323 [MEDIUM] CWE-79 CVE-2023-33323: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember plugin Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember plugin <= 4.0.2 versions.
nvd