Filtered by vendor Yeswiki Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-43091 1 Yeswiki 1 Yeswiki 2024-11-21 7.5 High
An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form.
CVE-2018-13045 1 Yeswiki 1 Cercopitheque 2024-11-21 N/A
SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.
CVE-2018-1000641 1 Yeswiki 1 Yeswiki 2024-11-21 N/A
YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information.
CVE-2024-51478 1 Yeswiki 1 Yeswiki 2024-11-01 9.9 Critical
YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5.