10 matches found
EUVD-2022-2171
Malicious code in bioql PyPI...
GHSA-3FM8-7GPF-P8FM SocialNetwork Cross-Site Scripting (XSS) vulnerability
A Cross-Site Scripting XSS was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data mail passed to the 'SocialNetwork-andrea/app/template/pwforgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the...
SocialNetwork Cross-Site Scripting (XSS) vulnerability
A Cross-Site Scripting XSS was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data mail passed to the 'SocialNetwork-andrea/app/template/pwforgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the...
Improper Privilege Management in opensource-socialnetwork/opensource-socialnetwork
💥 BUG unprivileged user can comment to private album . 💥 IMPACT user who does not have permiison in private album still can comment in that album. 💥 STEP TO RERPODUCE There is two user called user-A and user-B.\ 1. First goto user-A account and create a private album . \ Lets album url is...
SocialNetwork Cross-Site Scripting Vulnerability
SocialNetwork is a set of tools for sharing videos, websites, images and source code. A cross-site scripting vulnerability exists in SocialNetwork version 1.2.1, which stems from the program's failure to adequately filter data submitted by users to SocialNetwork-andrea/app/template/pwforgot.php. ...
CVE-2017-7390
A Cross-Site Scripting XSS was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data mail passed to the 'SocialNetwork-andrea/app/template/pwforgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the...
CVE-2017-7390
A Cross-Site Scripting XSS was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data mail passed to the 'SocialNetwork-andrea/app/template/pwforgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the...
Cross site scripting
A Cross-Site Scripting XSS was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data mail passed to the 'SocialNetwork-andrea/app/template/pwforgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the...
CVE-2017-7390
The CVE-2017-7390 entry describes a Cross-Site Scripting (XSS) in SocialNetwork v1.2.1 caused by insufficient filtration of user-supplied data (mail) passed to SocialNetwork-andrea/app/template/pw_forgot.php, enabling arbitrary HTML/script execution in a user’s browser. Affected component: the pw...
CVE-2017-7390
A Cross-Site Scripting XSS was discovered in 'SocialNetwork v1.2.1'. The vulnerability exists due to insufficient filtration of user-supplied data mail passed to the 'SocialNetwork-andrea/app/template/pwforgot.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the...