Online Discussion Forum Site
by Online Discussion Forum Site
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-31296 | Cri | 0.64 | 9.8 | 0.02 | Jun 17, 2022 | Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php. | ||
| CVE-2022-31295 | Hig | 0.49 | 7.5 | 0.01 | Jun 16, 2022 | An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts. | ||
| CVE-2022-31911 | Hig | 0.47 | 7.2 | 0.01 | Jun 16, 2022 | Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team. | ||
| CVE-2020-28141 | Med | 0.35 | 5.4 | 0.01 | Apr 19, 2021 | The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page. | ||
| CVE-2022-31913 | Med | 0.31 | 4.8 | 0.00 | Jun 16, 2022 | Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name. |
- risk 0.64cvss 9.8epss 0.02
Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php.
- risk 0.49cvss 7.5epss 0.01
An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts.
- risk 0.47cvss 7.2epss 0.01
Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team.
- risk 0.35cvss 5.4epss 0.01
The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page.
- risk 0.31cvss 4.8epss 0.00
Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name.