Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
BioscriptsMinitwitter

2 matches found

CVE
CVEadded 2009/07/22 5:9 p.m.48 views

CVE-2009-2574

CVE-2009-2574 affects MiniTwitter 0.2 beta. The flaw in index.php lets remote authenticated users modify certain options of arbitrary accounts via an opt action. Exploitation is documented (Exploit-DB) and related references link to insecure parameter handling; CVSS from NVD indicates a medium ri...

6.5CVSS6.6AI score0.0194EPSS
CVE
CVEadded 2009/07/22 5:9 p.m.38 views

CVE-2009-2573

CVE-2009-2573 describes multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, triggered when magic_quotes_gpc is disabled. The flaw lets remote authenticated users execute arbitrary SQL commands via the (1) user parameter to (a) index.php and (b) rss.php. According to the entry, the CVS...

6CVSS8.3AI score0.00817EPSS