CVE-2026-7002

CVSS v2.0

7.5

High

AV:N/AC:L/Au:N/C:P/I:P/A:P

A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get message ajax.php of the component Private Message Handler. Executing a manipulation of the argument c id can lead to sql injection. It is possible to launch the attack remotely.

Fix

SQL injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89CWE-74

Related Identifiers

CVE-2026-7002

Affected Products

Socialmediawebsite

CVE-2026-7002

Weakness Enumeration

Related Identifiers

Affected Products

References · 5