Globalnorthstar Northstar Club Management
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Globalnorthstar Northstar Club Management.
By the Year
In 2026 there have been 0 vulnerabilities in Globalnorthstar Northstar Club Management. Northstar Club Management did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 7 | 8.03 |
It may take a day or so for new Northstar Club Management vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Globalnorthstar Northstar Club Management Security Vulnerabilities
CVE-2022-26959: RW SQLi in Northstar Club Mgmt 6.3 login/userName.jsp
CVE-2022-26959
9.8 - Critical
- September 16, 2022
There are two full (read/write) Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. The vulnerabilities exist in the userName parameter of the processlogin.jsp page in the /northstar/Portal/ directory and the userID parameter of the login.jsp page in the /northstar/iphone/ directory. Exploitation of the SQL injection vulnerabilities allows full access to the database which contains critical data for organizations that make full use of the software suite.
SQL Injection
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3
CVE-2021-29397
7.5 - High
- February 04, 2022
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP.
Cleartext Transmission of Sensitive Information
Directory traversal in /northstar/Common/NorthFileManager/fileManagerObjects.jsp Northstar Technologies Inc NorthStar Club Management 6.3
CVE-2021-29398
5.3 - Medium
- February 04, 2022
Directory traversal in /northstar/Common/NorthFileManager/fileManagerObjects.jsp Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to browse and list the directories across the entire filesystem of the host of the web application.
Directory traversal
Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3
CVE-2021-29396
9.8 - Critical
- February 04, 2022
Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to use various functionalities without authentication.
Incorrect Permission Assignment for Critical Resource
Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3
CVE-2021-29395
7.5 - High
- February 04, 2022
Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to download arbitrary files, including JSP source code, across the filesystem of the host of the web application.
Directory traversal
Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3
CVE-2021-29394
6.5 - Medium
- February 04, 2022
Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote authenticated users to change the password of any targeted user accounts via lack of proper authorization in the user-controlled "userID" parameter of the HTTP POST request.
AuthZ
Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3
CVE-2021-29393
9.8 - Critical
- February 04, 2022
Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to inject and execute arbitrary system commands via the unsanitized user-controlled "command" and "commandvalues" parameters.
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Globalnorthstar Northstar Club Management or by Globalnorthstar? Click the Watch button to subscribe.
