Lucene search
K

3136 matches found

Vulnrichment
Vulnrichment
added 2026/05/25 2:15 p.m.8 views

CVE-2018-25364 Twitter-Clone 1 SQL Injection via search.php

Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can submit crafted payloads to the search.php endpoint to extract database information including username...

8.8CVSS6.2AI score0.00337EPSS
Exploits0References3
CVE
CVE
added 2026/05/25 2:15 p.m.24 views

CVE-2018-25364

Twitter-Clone 1 contains a SQL injection flaw accessible without authentication via search.php. An attacker can inject malicious code into the name parameter to perform error-based and union-based SQL injections, enabling extraction of database information such as usernames, credentials, and syst...

8.8CVSS6.2AI score0.00337EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/25 2:15 p.m.27 views

CVE-2018-25364 Twitter-Clone 1 SQL Injection via search.php

Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can submit crafted payloads to the search.php endpoint to extract database information including username...

8.8CVSS0.00337EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/25 2:15 p.m.10 views

CVE-2018-25363 Twitter-Clone 1 Cross-Site Request Forgery via tweetdel.php

Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers to force victims to delete posts by crafting malicious HTML forms. Attackers can create hidden forms targeting tweetdel.php with tweet IDs and automatically submit them to delete arbitrary posts from...

5.3CVSS5.9AI score0.00199EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/25 2:15 p.m.10 views

CVE-2018-25363

Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers to force victims to delete posts by crafting malicious HTML forms. Attackers can create hidden forms targeting tweetdel.php with tweet IDs and automatically submit them to delete arbitrary posts from...

5.3CVSS5.9AI score0.00199EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/05/25 2:15 p.m.10 views

EUVD-2018-21882

Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit union-based or time-based blind SQL injection payloads to extract sensitive database information...

8.8CVSS5.9AI score0.00309EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/25 2:15 p.m.11 views

CVE-2018-25362 Twitter-Clone 1 SQL Injection via follow.php

Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit union-based or time-based blind SQL injection payloads to extract sensitive database information...

8.8CVSS5.9AI score0.00309EPSS
Exploits0References3
CVE
CVE
added 2026/05/25 2:15 p.m.21 views

CVE-2018-25362

CVE-2018-25362 affects Twitter-Clone 1 with a SQL injection in follow.php via the userid parameter. The vulnerability lets an attacker manipulate queries using union-based or time-based blind payloads to extract sensitive data such as usernames, passwords, and database credentials. Impact is Conf...

8.8CVSS5.9AI score0.00309EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

twitter-clone 跨站请求伪造漏洞

twitter-clone is an application by Fiffe Individual Developers. twitter-clone uses + Vue 3 + light to go development + TailwindCSS + PostgreSQL + recapitulate A cross-site request forgery vulnerability exists in twitter-clone version 1, which stems from cross-site request forgery and could allow ...

5.3CVSS5.8AI score0.00199EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.11 views

PT-2026-43216

Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers to force victims to delete posts by crafting malicious HTML forms. Attackers can create hidden forms targeting tweetdel.php with tweet IDs and automatically submit them to delete arbitrary posts from...

5.3CVSS5.9AI score0.00199EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

twitter-clone SQL注入漏洞

twitter-clone is an application by Fiffe Individual Developers. twitter-clone uses + Vue 3 + light to go development + TailwindCSS + PostgreSQL + recapitulate Twitter-Clone version 1 suffers from a SQL injection vulnerability that stems from the injection of malicious code via the name parameter,...

8.8CVSS6.2AI score0.00337EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43217

Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can submit crafted payloads to the search.php endpoint to extract database information including username...

8.8CVSS6.2AI score0.00337EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

twitter-clone SQL注入漏洞

twitter-clone is an application by Fiffe Individual Developers. twitter-clone uses + Vue 3 + light to go development + TailwindCSS + PostgreSQL + recapitulation Twitter-Clone version 1 suffers from a SQL injection vulnerability that stems from the injection of SQL code via the userid parameter in...

8.8CVSS5.9AI score0.00309EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in twitter-bootstrap3

Improper neutralization of input during web page generation XSS or “cross-site scripting” vulnerability in Bootstrap allows cross-site scripting. This issue affects Bootstrap: from version 3.4.1 to 4.0.0...

5.6CVSS5.7AI score0.00272EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/18 6:31 p.m.13 views

@addtodoist/twitter-autohook (=2.2.0), @alessiodf/core-chameleon (=0.0.1) +156 more potentially affected by CVE-2025-57282 via ngrok (=4.3.3)

ngrok NPM version =4.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on ngrok and may be impacted: - @addtodoist/twitter-autohook =2.2.0 - @alessiodf/core-chameleon =0.0.1 - @archer-edu/qa-test-cli =0.1.0, =0.1.1, =3.8.2, =3.0.0, =3.0.0-alpha.9, =1.0....

8.8CVSS5.4AI score0.00981EPSS
Exploits0
NVD
NVD
added 2026/05/13 1:16 p.m.18 views

CVE-2026-6177

The Custom Twitter Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.5.4. This is due to insufficient output escaping in the CTFDisplayElements::getposttext function when rendering cached tweet text. The plugin's ctfgetmoreposts AJAX action ...

7.2CVSS0.00493EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:29 p.m.10 views

CVE-2026-6177

The Custom Twitter Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.5.4. This is due to insufficient output escaping in the CTFDisplayElements::getposttext function when rendering cached tweet text. The plugin's ctfgetmoreposts AJAX action ...

7.2CVSS6AI score0.00493EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/13 12:29 p.m.45 views

CVE-2026-6177 Custom Twitter Feeds <= 2.5.4 - Unauthenticated Stored Cross-Site Scripting via Cached Tweet Text

The Custom Twitter Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.5.4. This is due to insufficient output escaping in the CTFDisplayElements::getposttext function when rendering cached tweet text. The plugin's ctfgetmoreposts AJAX action ...

7.2CVSS0.00493EPSS
Exploits0References10
EUVD
EUVD
added 2026/05/13 12:29 p.m.9 views

EUVD-2026-29945

The Custom Twitter Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.5.4. This is due to insufficient output escaping in the CTFDisplayElements::getposttext function when rendering cached tweet text. The plugin's ctfgetmoreposts AJAX action ...

7.2CVSS6AI score0.00493EPSS
Exploits0References10
CVE
CVE
added 2026/05/13 12:29 p.m.23 views

CVE-2026-6177

The CVE-2026-6177 entry concerns the WordPress plugin Custom Twitter Feeds (versions

7.2CVSS6AI score0.00493EPSS
Exploits0References10
Rows per page
Query Builder