Opensource Socialnetwork

opensource-socialnetwork

3 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Open Source Social Network

open_source_social_network

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-63585 1Opensource Socialnetwork 1Open Source Social Network Jan 9, 2026 Nov 5, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 OSSN (Open Source Social Network) 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter.
CVE-2025-63441 1Opensource Socialnetwork 1Open Source Social Network Feb 4, 2026 Nov 3, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Open Source Social Network (OSSN) 8.6 is vulnerable to Cross Site Scripting (XSS) via the parameter param` at endpoint u/administrator/friends.
CVE-2020-10560 1Opensource Socialnetwork 1Open Source Social Network Jun 17, 2026 Mar 30, 2020 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to...Show more An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the SiteKey to insert into a crafted URL for components/OssnComments/ossn_com.php and/or libraries/ossn.lib.upgrade.php.Show less