Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-43323 | 1 Moosocial | 1 Moosocial | 2024-09-25 | N/A | 6.5 MEDIUM |
| mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink]. | |||||
| CVE-2023-45542 | 1 Moosocial | 1 Moosocial | 2023-10-19 | N/A | 6.1 MEDIUM |
| Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function. | |||||
| CVE-2023-43326 | 1 Moosocial | 1 Moosocial | 2023-10-13 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL. | |||||
| CVE-2023-44811 | 1 Moosocial | 1 Moosocial | 2023-10-11 | N/A | 8.8 HIGH |
| Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function. | |||||
| CVE-2023-44812 | 1 Moosocial | 1 Moosocial | 2023-10-11 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the admin_redirect_url parameter of the user login function. | |||||
| CVE-2023-44813 | 1 Moosocial | 1 Moosocial | 2023-10-11 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function. | |||||