Browse all 3 CVE security advisories affecting Astrotalks. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Astrotalks provides astrology consultation services through its online platform. Historically, the application has been vulnerable to multiple remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from improper input validation. Privilege escalation vulnerabilities have also been identified, allowing unauthorized access to user accounts. The platform currently has three CVEs on record, with security researchers noting consistent issues in user input handling and session management. While no major public security incidents have been documented, the pattern of vulnerabilities suggests ongoing challenges in secure coding practices, particularly in web application security layers.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-5525 | Improper privilege management vulnerability in Astrotalks — Astrotalks (CWE-269) | 8.3 | High | 2024-05-31 |
| CVE-2024-5524 | Information exposure vulnerability in Astrotalks — Astrotalks (CWE-200) | 5.3 | Medium | 2024-05-31 |
| CVE-2024-5523 | SQL injection vulnerability in Astrotalks — Astrotalks (CWE-89) | 8.8 | High | 2024-05-31 |
This page lists every published CVE security advisory associated with Astrotalks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.