Filtered by vendor Ourphp Subscriptions
Filtered by product Ourphp Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-51965 1 Ourphp 1 Ourphp 2025-08-15 6.1 Medium
OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting (XSS) via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface.
CVE-2023-30212 1 Ourphp 1 Ourphp 2025-02-03 6.1 Medium
OURPHP <= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php.
CVE-2023-30211 1 Ourphp 1 Ourphp 2025-02-03 9.8 Critical
OURPHP <= 7.2.0 is vulnerable to SQL Injection.
CVE-2023-30210 1 Ourphp 1 Ourphp 2025-02-03 6.1 Medium
OURPHP <= 7.2.0 is vulnerable to Cross Site Scripting (XSS) via ourphp_tz.php.