Lucene search
K

11 matches found

OSV
OSV
added 2023/10/16 9:15 p.m.3 views

CVE-2023-45542

Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function...

6.1CVSS6.4AI score0.01635EPSS
Exploits2References1
NVD
NVD
added 2023/10/16 9:15 p.m.17 views

CVE-2023-45542

Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function...

6.1CVSS5.9AI score0.01635EPSS
Exploits2References1
CVE
CVE
added 2023/10/16 12:0 a.m.61 views

CVE-2023-45542

Affected software: mooSocial 3.1.8. Vulnerability: reflected cross-site scripting (XSS) in the q parameter of the search function, allowing an attacker to steal session cookies and impersonate a user. Root cause / vector: lack of proper input filtering/escaping for the q parameter. Impact: unauth...

6.1CVSS5.8AI score0.01635EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2023/10/09 9:15 p.m.5 views

CVE-2023-44813

Cross Site Scripting XSS vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function...

6.1CVSS6.1AI score0.01754EPSS
Exploits1References1
NVD
NVD
added 2023/09/28 8:15 p.m.28 views

CVE-2023-43323

mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...

6.5CVSS6.5AI score0.0186EPSS
Exploits2References1
Prion
Prion
added 2023/09/28 8:15 p.m.24 views

Design/Logic Flaw

mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...

6.4CVSS6.5AI score0.0186EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/28 12:0 a.m.13 views

CVE-2023-43323

mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...

6.8AI score0.0186EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2023/09/27 12:0 a.m.6 views

PT-2023-28780 · Moosocial · Moosocial

Name of the Vulnerable Software and Affected Versions: mooSocial version 3.1.8 Description: The issue concerns external service interaction on the post function. When executed, the server sends HTTP and DNS requests to an external server. The parameters affected are multiple, including messageTex...

6.5CVSS7AI score0.0186EPSS
Exploits2References7
ATTACKERKB
ATTACKERKB
added 2023/09/26 12:15 a.m.4 views

CVE-2023-43325

A reflected cross-site scripting XSS vulnerability in the dataredirecturl parameter of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL...

6.1CVSS5.7AI score0.01857EPSS
Exploits4References5
Positive Technologies
Positive Technologies
added 2023/09/25 12:0 a.m.6 views

PT-2023-28782 · Moosocial · Moosocial

Name of the Vulnerable Software and Affected Versions: mooSocial version 3.1.8 Description: A reflected cross-site scripting XSS vulnerability exists in multiple URLs of the software, allowing attackers to steal user's session cookies and impersonate their account via a crafted URL. The...

6.1CVSS6AI score0.01615EPSS
Exploits2References6
Exploit DB
Exploit DB
added 2023/08/08 12:0 a.m.311 views

mooSocial 3.1.8 - Reflected XSS

Exploit Title: mooSocial 3.1.8 - Reflected XSS Exploit Author: CraCkEr Date: 28/07/2023 Vendor: mooSocial Vendor Homepage: https://moosocial.com/ Software Link: https://travel.moosocial.com/ Version: 3.1.8 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4173...

6.1CVSS6.3AI score0.03336EPSS
Exploits5
Rows per page
Query Builder