Vulnerabilities (CVE)

Filtered by vendor Openteknik Subscribe
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-34966 1 Openteknik 1 Open Source Social Network 2024-11-21 N/A 7.5 HIGH
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home.
CVE-2022-34965 1 Openteknik 1 Open Source Social Network 2024-11-21 N/A 7.2 HIGH
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an arbitrary file upload vulnerability via the component /ossn/administrator/com_installer. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. Note: The project owner believes this is intended behavior of the application as it only allows authenticated admins to upload files.
CVE-2022-34964 1 Openteknik 1 Open Source Social Network 2024-11-21 N/A 4.8 MEDIUM
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the SitePages module.
CVE-2022-34963 1 Openteknik 1 Open Source Social Network 2024-11-21 N/A 5.4 MEDIUM
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module.
CVE-2022-34962 1 Openteknik 1 Open Source Social Network 2024-11-21 N/A 5.4 MEDIUM
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module.
CVE-2022-34961 1 Openteknik 1 Open Source Social Network 2024-11-21 N/A 5.4 MEDIUM
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module.