12 matches found
CVE-2026-7002
A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/getmessageajax.php of the component Private Message Handler. Executing a manipulation of the argument cid can lead to sql injection. It is possible to launch the...
EUVD-2026-25677
A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/getmessageajax.php of the component Private Message Handler. Executing a manipulation of the argument cid can lead to sql injection. It is possible to launch the...
CVE-2026-7002 KLiK SocialMediaWebsite Private Message get_message_ajax.php sql injection
A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/getmessageajax.php of the component Private Message Handler. Executing a manipulation of the argument cid can lead to sql injection. It is possible to launch the...
CVE-2026-7002
A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/getmessageajax.php of the component Private Message Handler. Executing a manipulation of the argument cid can lead to sql injection. It is possible to launch the...
CVE-2026-7002
CVE-2026-7002 affects KLiK SocialMediaWebsite (versions up to 1.0.1). The vulnerability exists in /includes/get_message_ajax.php within the Private Message Handler; manipulating the c_id argument permits SQL injection, exploitable remotely over a network. CVSS data indicate high severity (3.1: sc...
KLiK SocialMediaWebsite 注入漏洞
KLiK SocialMediaWebsite is a simple social media website developed by Muhammad Saad using PHP. Versions of KLiK SocialMediaWebsite 1.0.1 and earlier had a vulnerability related to injection attacks. This vulnerability stemmed from the cid parameter operations in the Private Message Handler...
PT-2026-35177
A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get message ajax.php of the component Private Message Handler. Executing a manipulation of the argument c id can lead to sql injection. It is possible to launch the...
CVE-2023-0549
A vulnerability, which was classified as problematic, has been found in YAFNET up to 3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private Message Handler. The manipulation of the argument subject/message leads to cross site scripting. T...
CVE-2023-0549
A vulnerability, which was classified as problematic, has been found in YAFNET up to 3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private Message Handler. The manipulation of the argument subject/message leads to cross site scripting. T...
CVE-2023-0549 YAFNET Private Message PostPrivateMessage cross site scripting
A vulnerability, which was classified as problematic, has been found in YAFNET up to 3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private Message Handler. The manipulation of the argument subject/message leads to cross site scripting. T...
CVE-2023-0549 YAFNET Private Message PostPrivateMessage cross site scripting
A vulnerability, which was classified as problematic, has been found in YAFNET up to 3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private Message Handler. The manipulation of the argument subject/message leads to cross site scripting. T...
PT-2023-16354 · Yafnet · Yafnet
Name of the Vulnerable Software and Affected Versions: YAFNET versions up to 3.1.10 Description: A problematic issue has been found in the Private Message Handler component, affecting the processing of the file /forum/PostPrivateMessage. The manipulation of the subject and message arguments leads...