28 matches found

NVD
added 2025/10/17 3:15 p.m. · 3 views

CVE-2025-11904

A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function hasUse of the file /cms/model/hasUse. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The...

7.2 CVSS · 0.00011 EPSS
Exploits: 1 · References: 5

EUVD
added 2025/10/17 3:2 p.m. · 1 views

EUVD-2025-34885

A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function hasUse of the file /cms/model/hasUse. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The...

6.5 CVSS · 6.5 AI score · 0.00011 EPSS
Exploits: 1 · References: 6

Cvelist
added 2025/10/17 2:2 p.m. · 7 views

CVE-2025-11903 yanyutao0402 ChanCMS update sql injection

A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing a manipulation of the argument cid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. Th...

6.5 CVSS · 0.00034 EPSS
Exploits: 1 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2025-22817

Malicious code in bioql PyPI...

9.8 CVSS · 4.9 AI score · 0.00275 EPSS
Exploits: 1 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2025-22863

Malicious code in bioql PyPI...

6.5 CVSS · 6.6 AI score · 0.00817 EPSS
Exploits: 1 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-27178

Malicious code in bioql PyPI...

8.8 CVSS · 6.6 AI score · 0.00063 EPSS
Exploits: 1 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-22573

Malicious code in bioql PyPI...

6.5 CVSS · 6.6 AI score · 0.00264 EPSS
Exploits: 1 · References: 6

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-27186

Malicious code in bioql PyPI...

8.8 CVSS · 6.6 AI score · 0.00066 EPSS
Exploits: 1 · References: 4

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-22816

Malicious code in bioql PyPI...

9.8 CVSS · 6.6 AI score · 0.00454 EPSS
Exploits: 1 · References: 6

Vulnrichment
added 2025/09/10 7:2 p.m. · 3 views

CVE-2025-10210 yanyutao0402 ChanCMS Api.js search sql injection

A weakness has been identified in yanyutao0402 ChanCMS up to 3.3.0. Impacted is the function Search of the file app/modules/api/service/Api.js. Executing manipulation of the argument key can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the...

6.5 CVSS · 6.5 AI score · 0.00808 EPSS
Exploits: 0 · References: 5

RedhatCVE
added 2025/07/30 8:32 a.m. · 3 views

CVE-2025-8266

A vulnerability has been found in yanyutao0402 ChanCMS up to 3.1.2 and classified as critical. Affected by this vulnerability is the function getArticle of the file app/modules/cms/controller/collect.js. The manipulation of the argument targetUrl leads to deserialization. The attack can be launch...

6.5 CVSS · 7.2 AI score · 0.00817 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/07/29 10:34 a.m. · 2 views

CVE-2025-8226

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been classified as problematic. Affected is an unknown function of the file /sysApp/find. The manipulation of the argument accessKey/secretKey leads to information disclosure. It is possible to launch the attack remotely. The...

9.8 CVSS · 4.4 AI score · 0.00275 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/07/29 10:34 a.m. · 4 views

CVE-2025-8228

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical. Affected by this issue is the function getPages of the file /cms/collect/getPages. The manipulation of the argument targetUrl leads to server-side request forgery. The attack may be launched remotely. Th...

8.8 CVSS · 6.3 AI score · 0.00293 EPSS
Exploits: 1 · References: 1

NVD
added 2025/07/28 9:15 a.m. · 2 views

CVE-2025-8266

A vulnerability has been found in yanyutao0402 ChanCMS up to 3.1.2 and classified as critical. Affected by this vulnerability is the function getArticle of the file app/modules/cms/controller/collect.js. The manipulation of the argument targetUrl leads to deserialization. The attack can be launch...

6.5 CVSS · 0.00817 EPSS
Exploits: 1 · References: 5

Vulnrichment
added 2025/07/28 8:32 a.m. · 1 views

CVE-2025-8266 yanyutao0402 ChanCMS collect.js getArticle deserialization

A vulnerability has been found in yanyutao0402 ChanCMS up to 3.1.2 and classified as critical. Affected by this vulnerability is the function getArticle of the file app/modules/cms/controller/collect.js. The manipulation of the argument targetUrl leads to deserialization. The attack can be launch...

6.5 CVSS · 6.4 AI score · 0.00817 EPSS
Exploits: 1 · References: 5

Positive Technologies
added 2025/07/28 12:0 a.m. · 2 views

PT-2025-31058 · Yanyutao0402 · Chancms

Name of the Vulnerable Software and Affected Versions: yanyutao0402 ChanCMS versions through 3.1.2

Description: A critical vulnerability exists in yanyutao0402 ChanCMS. The getArticle function within the app/modules/cms/controller/collect.js file is susceptible to deserialization due to...

6.5 CVSS · 6.4 AI score · 0.00817 EPSS
Exploits: 1 · References: 8

NVD
added 2025/07/27 10:15 a.m. · 4 views

CVE-2025-8228

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical. Affected by this issue is the function getPages of the file /cms/collect/getPages. The manipulation of the argument targetUrl leads to server-side request forgery. The attack may be launched remotely. Th...

8.8 CVSS · 0.00293 EPSS
Exploits: 1 · References: 5

CVE
added 2025/07/27 9:32 a.m. · 14 views

CVE-2025-8228

ChanCMS up to 3.1.2 contains a server-side request forgery in the getPages function (/cms/collect/getPages) where manipulating the targetUrl parameter can access internal resources. Several sources confirm remote-executable SSRF with public disclosure of the exploit; upgrading to 3.1.3 addresses ...

8.8 CVSS · 6.4 AI score · 0.00293 EPSS
Exploits: 1 · References: 5 · Affected Software: 1

Vulnrichment
added 2025/07/27 9:32 a.m. · 2 views

CVE-2025-8228 yanyutao0402 ChanCMS getPages server-side request forgery

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical. Affected by this issue is the function getPages of the file /cms/collect/getPages. The manipulation of the argument targetUrl leads to server-side request forgery. The attack may be launched remotely. Th...

6.5 CVSS · 6.4 AI score · 0.00293 EPSS
Exploits: 1 · References: 5

Cvelist
added 2025/07/27 9:32 a.m. · 8 views

CVE-2025-8228 yanyutao0402 ChanCMS getPages server-side request forgery

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical. Affected by this issue is the function getPages of the file /cms/collect/getPages. The manipulation of the argument targetUrl leads to server-side request forgery. The attack may be launched remotely. Th...

6.5 CVSS · 0.00293 EPSS
Exploits: 1 · References: 5