Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Phpyun Security Vulnerabilities

cve
cve

CVE-2020-23768

An information disclosure vulnerability was discovered in alipay_function.php in the log file of Alibaba payment interface on PHPPYUN prior to version 5.0.1. If exploited, this vulnerability will allow attackers to obtain users' personally identifiable information including e-mail address and...

7.5CVSS

6.8AI Score

0.003EPSS

2021-05-21 06:15 PM
46
cve
cve

CVE-2018-18713

The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../...

7.5CVSS

7.5AI Score

0.005EPSS

2018-10-29 12:29 PM
19
cve
cve

CVE-2018-18626

An issue was discovered in PHPYun V4.6. There is a vulnerability that can delete any file or directory via the "admin/index.php?m=database&c=del" sql parameter because del_action() in admin/model/database.class.php mishandles this...

7.5CVSS

7.4AI Score

0.001EPSS

2018-10-23 07:29 PM
26
cve
cve

CVE-2010-4796

Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) provinceid parameter to search.php and the (2) e parameter to...

9.5AI Score

0.001EPSS

2011-04-27 12:55 AM
16