11 matches found
CVE-2023-45542
Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function...
CVE-2023-45542
Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function...
CVE-2023-45542
Affected software: mooSocial 3.1.8. Vulnerability: reflected cross-site scripting (XSS) in the q parameter of the search function, allowing an attacker to steal session cookies and impersonate a user. Root cause / vector: lack of proper input filtering/escaping for the q parameter. Impact: unauth...
CVE-2023-44813
Cross Site Scripting XSS vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function...
CVE-2023-43323
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...
Design/Logic Flaw
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...
CVE-2023-43323
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...
PT-2023-28780 · Moosocial · Moosocial
Name of the Vulnerable Software and Affected Versions: mooSocial version 3.1.8 Description: The issue concerns external service interaction on the post function. When executed, the server sends HTTP and DNS requests to an external server. The parameters affected are multiple, including messageTex...
CVE-2023-43325
A reflected cross-site scripting XSS vulnerability in the dataredirecturl parameter of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL...
PT-2023-28782 · Moosocial · Moosocial
Name of the Vulnerable Software and Affected Versions: mooSocial version 3.1.8 Description: A reflected cross-site scripting XSS vulnerability exists in multiple URLs of the software, allowing attackers to steal user's session cookies and impersonate their account via a crafted URL. The...
mooSocial 3.1.8 - Reflected XSS
Exploit Title: mooSocial 3.1.8 - Reflected XSS Exploit Author: CraCkEr Date: 28/07/2023 Vendor: mooSocial Vendor Homepage: https://moosocial.com/ Software Link: https://travel.moosocial.com/ Version: 3.1.8 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4173...