HTTP POST Request Parameter Injection Vulnerability in KLiK SocialMediaWebsite
CVE-2026-9422

6.9MEDIUM

Key Information:

Vendor

SourceCodester
Status
Klik Socialmediawebsite
Vendor
CVE Published:
25 May 2026

What is CVE-2026-9422?

A significant vulnerability was detected in the KLiK SocialMediaWebsite 1.0, concerning improper handling of HTTP POST request parameters. This flaw enables attackers to manipulate the request parameters, potentially leading to remote code execution or unauthorized data access. As the exploit is publicly available, it poses a serious risk, particularly to users who have not updated their software. It is advisable to assess and remediate the security of the application to prevent exploitation.

Affected Version(s)

KLiK SocialMediaWebsite 1.0

References

https://vuldb.com/vuln/365403
vdb-entry
https://vuldb.com/vuln/365403/cti
signaturepermissions-required
https://vuldb.com/submit/813734
third-party-advisory

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

g111 (VulDB User)
VulDB Vulnerability Moderation Team
.