Vulnerabilities > Online Discussion Forum Site Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-16 | CVE-2022-31295 | Authorization Bypass Through User-Controlled Key vulnerability in Online Discussion Forum Site Project Online Discussion Forum Site 1.0 An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts. | 7.5 |
2022-06-16 | CVE-2022-31294 | Cross-Site Request Forgery (CSRF) vulnerability in Online Discussion Forum Site Project Online Discussion Forum Site 1.0 An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts. | 6.5 |
2022-06-16 | CVE-2022-31911 | SQL Injection vulnerability in Online Discussion Forum Site Project Online Discussion Forum Site 1.0 Online Discussion Forum Site v1.0 is vulnerable to SQL Injection via /odfs/classes/Master.php?f=delete_team. | 7.2 |
2022-06-16 | CVE-2022-31913 | Cross-site Scripting vulnerability in Online Discussion Forum Site Project Online Discussion Forum Site 1.0 Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name. | 4.8 |