Vulnerabilities > Online Discussion Forum Site Project > Online Discussion Forum Site > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-16	CVE-2022-31295	Authorization Bypass Through User-Controlled Key vulnerability in Online Discussion Forum Site Project Online Discussion Forum Site 1.0 An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts. network low complexity online-discussion-forum-site-project CWE-639	5.0
2022-06-16	CVE-2022-31294	Cross-Site Request Forgery (CSRF) vulnerability in Online Discussion Forum Site Project Online Discussion Forum Site 1.0 An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts. network online-discussion-forum-site-project CWE-352	4.3
2022-06-16	CVE-2022-31911	SQL Injection vulnerability in Online Discussion Forum Site Project Online Discussion Forum Site 1.0 Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team. network low complexity online-discussion-forum-site-project CWE-89	6.5
2022-06-16	CVE-2022-31913	Cross-site Scripting vulnerability in Online Discussion Forum Site Project Online Discussion Forum Site 1.0 Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name. network online-discussion-forum-site-project CWE-79	3.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.