VYPR
Vendor

OpenSNS

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2020-21726CriOct 7, 2021
    risk 0.64cvss 9.8epss 0.01

    OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the cid parameter.

  • CVE-2020-21725CriOct 7, 2021
    risk 0.64cvss 9.8epss 0.01

    OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Controller/ChinaCityController.class.php via the pid parameter.

  • CVE-2019-14266HigJul 25, 2019
    risk 0.57cvss 8.8epss 0.01

    OpenSNS v6.1.0 allows SQL Injection via the index.php?s=/ucenter/Config/ uid parameter because of the getNeedQueryData function in Application/Common/Model/UserModel.class.php.