Lucene search
+L

42 matches found

redhatcve
redhatcve
added 2026/06/05 7:21 p.m.11 views

CVE-2026-41309

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 \times 10000$ pixels. While the compressed file size...

8.2CVSS5.4AI score0.00369EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/04/24 12:0 a.m.12 views

PT-2026-34840

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 times 10000$ pixels. While the compressed file size ...

8.2CVSS5.9AI score0.00369EPSS
Exploits0References5
cvelist
cvelist
added 2025/11/05 12:0 a.m.10 views

CVE-2025-63585

OSSN Open Source Social Network 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter...

0.00191EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/11/05 12:0 a.m.13 views

PT-2025-45163

Name of the Vulnerable Software and Affected Versions OSSN Open Source Social Network version 8.6 Description OSSN Open Source Social Network version 8.6 has a SQL Injection issue in the /action/rtcomments/status API endpoint through the timestamp parameter. Recommendations At the moment, there i...

6.5CVSS7.4AI score0.00191EPSS
Exploits1References5
cnnvd
cnnvd
added 2025/11/05 12:0 a.m.6 views

Open Source Social Network 安全漏洞

Open Source Social Network OSSN is a source social network engine from the Swiss OSSN team. A security vulnerability exists in Open Source Social Network OSSN version 8.6, which stems from an incorrect manipulation of the parameter timestamp in the file /action/rtcomments/status, which could lead...

6.5CVSS7.4AI score0.00191EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2025/11/03 12:0 a.m.7 views

CVE-2025-63441

Open Source Social Network OSSN 8.6 is vulnerable to Cross Site Scripting XSS via the parameter param at endpoint u/administrator/friends...

5.8AI score0.00267EPSS
Exploits0References3
cve
cve
added 2025/11/03 12:0 a.m.20 views

CVE-2025-63441

CVE-2025-63441 affects Open Source Social Network (OSSN) 8.6. The connected documents identify a Cross-Site Scripting (XSS) vulnerability exploitable via the parameter named param at the endpoint /u/administrator/friends. The CVSS v3.1 vector indicates Network attack, Low attack complexity, Low p...

7.3CVSS5.8AI score0.00267EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2025/11/03 12:0 a.m.9 views

PT-2025-44784

Name of the Vulnerable Software and Affected Versions Open Source Social Network OSSN version 8.6 Description Open Source Social Network OSSN version 8.6 is susceptible to a Cross Site Scripting XSS issue. The issue occurs through the param parameter at the /u/administrator/friends API endpoint...

7.3CVSS6AI score0.00267EPSS
Exploits0References5
cnnvd
cnnvd
added 2025/11/03 12:0 a.m.7 views

Open Source Social Network 安全漏洞

Open Source Social Network OSSN is a source social network engine from the Swiss OSSN team. A security vulnerability exists in Open Source Social Network OSSN version 8.6, which stems from an incorrect manipulation of the parameter param in the endpoint u/administrator/friends, which could lead t...

7.3CVSS5.8AI score0.00267EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-3012

Malware in sbrugna...

5.9CVSS6AI score0.03797EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-46244

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.00364EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-30717

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01184EPSS
Exploits1References5
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-37867

Malicious code in bioql PyPI...

7.2CVSS7AI score0.01574EPSS
Exploits1References4
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-46897

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.0057EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-46243

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.00321EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-52761

Malicious code in bioql PyPI...

5.9CVSS5.5AI score0.00664EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-21275

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.02452EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/05/23 4:19 a.m.8 views

CVE-2023-42451

Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 3.5.14, 4.0.10, 4.1.8, and 4.2.0-rc2, under certain circumstances, attackers can exploit a flaw in domain name normalization to spoof domains they do not own. Versions 3.5.14, 4.0.10, 4.1.8, and 4.2.0-rc...

7.5CVSS6.6AI score0.0057EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/23 2:31 a.m.9 views

CVE-2023-36461

Mastodon is a free, open-source social network server based on ActivityPub. When performing outgoing HTTP queries, Mastodon sets a timeout on individual read operations. Prior to versions 3.5.9, 4.0.5, and 4.1.3, a malicious server can indefinitely extend the duration of the response through...

7.5CVSS6.7AI score0.01308EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 11:6 p.m.12 views

CVE-2022-34965

OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an arbitrary file upload vulnerability via the component /ossn/administrator/cominstaller. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. Note: The project owner believes this ...

7.2CVSS8AI score0.01574EPSS
Exploits1References1
Rows per page
Query Builder