SocialMediaWebsite
by KLiK
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-42098 | Hig | 0.57 | 8.8 | 0.01 | Nov 22, 2022 | KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php. | ||
| CVE-2026-9422 | Hig | 0.47 | 7.3 | 0.00 | May 25, 2026 | A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. The attack can be launched remotely. The exploit is publicly available and might… | ||
| CVE-2026-9421 | Hig | 0.47 | 7.3 | 0.00 | May 25, 2026 | A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiated remotely. The exploit has been… | ||
| CVE-2026-7002 | Hig | 0.47 | 7.3 | 0.00 | Apr 25, 2026 | A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get_message_ajax.php of the component Private Message Handler. Executing a manipulation of the argument c_id can lead to sql injection. It is… | ||
| CVE-2026-9420 | Med | 0.41 | 6.3 | 0.00 | May 25, 2026 | A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. | ||
| CVE-2022-42100 | Med | 0.35 | 5.4 | 0.00 | Nov 29, 2022 | KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form. | ||
| CVE-2022-42099 | Med | 0.35 | 5.4 | 0.00 | Nov 29, 2022 | KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location Forum Subject input. | ||
| CVE-2024-26472 | 0.00 | — | 0.01 | Feb 27, 2024 | KLiK SocialMediaWebsite version 1.0.1 from msaad1999 has a reflected cross-site scripting (XSS) vulnerability which may allow remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' or 'validator'… |
- risk 0.57cvss 8.8epss 0.01
KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php.
- risk 0.47cvss 7.3epss 0.00
A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. The attack can be launched remotely. The exploit is publicly available and might…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiated remotely. The exploit has been…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get_message_ajax.php of the component Private Message Handler. Executing a manipulation of the argument c_id can lead to sql injection. It is…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.
- risk 0.35cvss 5.4epss 0.00
KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location input reply-form.
- risk 0.35cvss 5.4epss 0.00
KLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location Forum Subject input.
- CVE-2024-26472Feb 27, 2024risk 0.00cvss —epss 0.01
KLiK SocialMediaWebsite version 1.0.1 from msaad1999 has a reflected cross-site scripting (XSS) vulnerability which may allow remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' or 'validator'…