Filtered by vendor Yeswiki
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-51478 | 1 Yeswiki | 1 Yeswiki | 2024-11-01 | 9.9 Critical |
| YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the password of any account. This issue is fixed in 4.4.5. | ||||
| CVE-2018-1000641 | 1 Yeswiki | 1 Yeswiki | 2024-09-16 | N/A |
| YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information. | ||||
| CVE-2018-13045 | 1 Yeswiki | 1 Cercopitheque | 2024-08-05 | N/A |
| SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter. | ||||
| CVE-2021-43091 | 1 Yeswiki | 1 Yeswiki | 2024-08-04 | 7.5 High |
| An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form. | ||||
Page 1 of 1.