Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 26 May 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 26 May 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Fyffe
Fyffe php-twitter-clone |
|
| Vendors & Products |
Fyffe
Fyffe php-twitter-clone |
Mon, 25 May 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit union-based or time-based blind SQL injection payloads to extract sensitive database information including usernames, passwords, and database credentials. | |
| Title | Twitter-Clone 1 SQL Injection via follow.php | |
| Weaknesses | CWE-89 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-05-26T15:22:40.410Z
Reserved: 2026-05-24T13:30:45.539Z
Link: CVE-2018-25362
Updated: 2026-05-26T15:22:34.631Z
Status : Deferred
Published: 2026-05-25T15:16:18.787
Modified: 2026-06-17T01:55:19.053
Link: CVE-2018-25362
No data.
OpenCVE Enrichment
Updated: 2026-05-26T13:00:42Z