CVE-2018-25362

Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit union-based or time-based blind SQL injection payloads to extract sensitive database information...

CVE-2018-25362

CVE-2018-25362 affects Twitter-Clone 1 with a SQL injection in follow.php via the userid parameter. The vulnerability lets an attacker manipulate queries using union-based or time-based blind payloads to extract sensitive data such as usernames, passwords, and database credentials. Impact is Conf...

Twitter-Clone 1 - userid SQL Injection

Twitter-Clone 1 - userid SQL Injection Exploit Title: Twitter-Clone 1 - 'userid' SQL Injection Date: 2018-08-21 Exploit Author: L0RD Vendor Homepage: https://github.com/Fyffe/PHP-Twitter-Clone/ Version: 1 CVE: N/A Tested on: Win 10 POC : SQLi vulnerable files : follow.php , index.php vulnerable...

CVE-2005-0784

CVE-2005-0784 affects Phorum before 5.0.15, where multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The issue is triggered via the subject line in follow.php or in the user’s personal control panel, stemming from failure to properly...

CVE-2004-1518

Phorum 5.0.12 and earlier is affected by an SQL injection in follow.php triggered through the forum_id parameter. The vulnerability allows remote authenticated users to execute arbitrary SQL commands, indicating the issue lies in improper handling/validation of the forum_id input. Affected produc...