Filtered by vendor Yeswiki
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-43091 | 1 Yeswiki | 1 Yeswiki | 2024-11-21 | 7.5 High |
An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form. | ||||
CVE-2018-13045 | 1 Yeswiki | 1 Cercopitheque | 2024-11-21 | N/A |
SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter. | ||||
CVE-2018-1000641 | 1 Yeswiki | 1 Yeswiki | 2024-11-21 | N/A |
YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information. | ||||
CVE-2024-51478 | 1 Yeswiki | 1 Yeswiki | 2024-11-01 | 9.9 Critical |
YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5. |
Page 1 of 1.