Filtered by vendor Lylme
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-45951 | 1 Lylme | 1 Lylme Spage | 2024-09-13 | 9.8 Critical |
lylme_spage v1.7.0 was discovered to contain a SQL injection vulnerability via the $userip parameter at function.php. | ||||
CVE-2023-45952 | 1 Lylme | 1 Lylme Spage | 2024-09-13 | 9.8 Critical |
An arbitrary file upload vulnerability in the component ajax_link.php of lylme_spage v1.7.0 allows attackers to execute arbitrary code via uploading a crafted file. | ||||
CVE-2024-36675 | 1 Lylme | 1 Lylme Spage | 2024-08-14 | 9.1 Critical |
LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function. | ||||
CVE-2024-36674 | 1 Lylme | 1 Lylme Spage | 2024-08-02 | 6.1 Medium |
LyLme_spage v1.9.5 is vulnerable to Cross Site Scripting (XSS) via admin/link.php. |
Page 1 of 1.