18 matches found
EUVD-2022-52345
Malicious code in bioql PyPI...
EUVD-2022-52301
Malicious code in bioql PyPI...
CVE-2022-30376
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/viewmember.php?id=...
CVE-2022-30379
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manageuser=...
CVE-2022-30378
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/viewpost=...
CVE-2022-30375
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=deleteimg...
CVE-2022-30460
Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting XSS via /sns/classes/Users.php?f=save, firstname...
CVE-2022-30460
Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting XSS via /sns/classes/Users.php?f=save, firstname...
CVE-2022-30460
CVE-2022-30460 affects Simple Social Networking Site v1.0. A stored XSS flaw arises in the /sns/classes/Users.php?f=save endpoint via the firstname parameter. The CNNVD entry explicitly calls it stored XSS; CVSS metrics (NVD) show base scores of 3.5 (v2.0) / 5.4 (v3.1), indicating a low to medium...
Simple Social Networking Site 跨站脚本漏洞
Simple Social Networking Site is a social networking site by Carlo Montero Personal Developer. A security vulnerability exists in version 1.0 of Simple Social Networking Site, which originates from a /sns/classes/Users.php?f=save, firstname stored cross-site scripting XSS attack...
CVE-2022-30379
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manageuser&id=...
CVE-2022-30376
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/viewmember.php?id=...
CVE-2022-30379
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manageuser&id=...
Sql injection
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/viewmember.php?id=...
Arbitrary file deletion
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=deleteimg...
CVE-2022-30375
Vulnerability summary (CVE-2022-30375): affected product is Sourcecodester Simple Social Networking Site v1.0. The issue allows deletion of files via the endpoint /sns/classes/Master.php?f=delete_img, as described in multiple sources. The NVD entry lists CVSSv3.1 base score 6.5 (Network, Low atta...
CVE-2022-30378
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=posts/viewpost&id=...
CVE-2022-30379
Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manageuser&id=...