Shodan
Vulnerabilities
Vulnerable Software
Moosocial:  >> Moosocial  Security Vulnerabilities
CVE-2023-45542
Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function.
CVSS Score
6.1
EPSS Score
0.385
Published
2023-10-16
CVE-2023-44812
Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the admin_redirect_url parameter of the user login function.
CVSS Score
6.1
EPSS Score
0.223
Published
2023-10-09
CVE-2023-44813
Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function.
CVSS Score
6.1
EPSS Score
0.112
Published
2023-10-09
CVE-2023-44811
Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function.
CVSS Score
8.8
EPSS Score
0.033
Published
2023-10-09
CVE-2023-43323
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink].
CVSS Score
6.5
EPSS Score
0.63
Published
2023-09-28
CVE-2023-43325
A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] parameter of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL.
CVSS Score
6.1
EPSS Score
0.127
Published
2023-09-26
CVE-2023-43326
A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL.
CVSS Score
6.1
EPSS Score
0.207
Published
2023-09-25
CVE-2023-40868
Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote attacker to execute arbitrary code via the Delete Account and Deactivate functions.
CVSS Score
8.8
EPSS Score
0.032
Published
2023-09-14
CVE-2023-40869
Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and 3.1.7 allows a remote attacker to execute arbitrary code via a crafted script to the edit_menu, copuon, and group_categorias functions.
CVSS Score
6.1
EPSS Score
0.056
Published
2023-09-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved