CVE-2020-21725

OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter...

嘉兴想天信息科技 OpenSNS SQL注入漏洞

OpenSNS is a comprehensive social software developed by Thinking Sky. A SQL blind injection vulnerability exists in the pid parameter in /Controller/ChinaCityController.class.php in OpenSNS version 6.1.0. An attacker can exploit this vulnerability to obtain sensitive database information...

SQL injection vulnerability in OpenSNS In***.class.php file

OpenSNS is a lightweight social user center framework based on OneThink. The system adheres to a minimalist design style and focuses on communication. An SQL injection vulnerability exists in the OpenSNS In.class.php file, which can be exploited by attackers to obtain sensitive information...

Stored Cross-Site Scripting Vulnerability in OpenSNS_v6.0

OpenSNS is a lightweight social user center framework based on OneThink. The system adheres to a minimalist design style and focuses on communication. A stored cross-site scripting vulnerability exists in OpenSNSv6.0. An attacker can insert malicious js code into a page to obtain user cookies and...

File Inclusion Vulnerability in OpenSNS

OpenSNS is a lightweight social user center framework based on OneThink. The system adheres to a minimalist design style and focuses on communication. OpenSNS suffers from a file inclusion vulnerability. Allows an attacker to read the contents of a file by constructing a URL...

Code execution vulnerability in OpenSNS backend AuthorizeController.class.php page

OpenSNS is a lightweight social user center framework based on OneThink. The system upholds a minimalist design style and focuses on communication. A code execution vulnerability exists in the AuthorizeController.class.php page in the OpenSNS backend. Allow attackers to exploit the vulnerability ...