CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/01/09 12:40 p.m.•5 views

CVE-2023-25402

CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload...

7.5CVSS6.9AI score0.00193EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-30573

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00233EPSS

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-30572

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02023EPSS

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-29357

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00193EPSS

RedhatCVE•added 2025/05/23 3:29 a.m.•5 views

CVE-2023-26779

CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution RCE...

9.8CVSS7.8AI score0.02023EPSS

RedhatCVE•added 2025/05/23 3:15 a.m.•3 views

CVE-2023-26780

CleverStupidDog yf-exam v 1.8.0 is vulnerable to SQL Injection...

9.8CVSS7.6AI score0.00233EPSS

NVD•added 2023/03/03 11:15 p.m.•10 views

CVE-2023-25403

7.5CVSS7.5AI score0.00206EPSS

NVD•added 2023/03/03 11:15 p.m.•6 views

CVE-2023-26779

CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution RCE...

9.8CVSS9.8AI score0.02023EPSS

OSV•added 2023/03/03 11:15 p.m.•2 views

CVE-2023-25402

CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload...

7.5CVSS7.1AI score0.00193EPSS

OSV•added 2023/03/03 11:15 p.m.•2 views

CVE-2023-26779

CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution RCE...

9.8CVSS7.8AI score0.02023EPSS

NVD•added 2023/03/03 11:15 p.m.•11 views

CVE-2023-25402

CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload...

7.5CVSS7.5AI score0.00193EPSS

Prion•added 2023/03/03 11:15 p.m.•15 views

Authentication flaw

5CVSS7.5AI score0.00206EPSS

Prion•added 2023/03/03 11:15 p.m.•12 views

Deserialization of untrusted data

CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution RCE...

7.5CVSS9.7AI score0.02023EPSS

Prion•added 2023/03/03 11:15 p.m.•17 views

Unrestricted file upload

CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload...

5CVSS7.5AI score0.00193EPSS

Cvelist•added 2023/03/03 12:0 a.m.•13 views

CVE-2023-25403

7.7AI score0.00206EPSS

CNNVD•added 2023/03/03 12:0 a.m.•3 views

yf-exam 代码问题漏洞

yf-exam CloudFan Training Exam System is a training exam system for CleverStupidDog individual developers. A security vulnerability exists in CleverStupidDog yf-exam version 1.8.0, which stems from the lack of restriction on the suffix of uploaded files, resulting in an arbitrary file upload...

7.5CVSS7.5AI score0.00193EPSS

Exploits1References3

Cvelist•added 2023/03/03 12:0 a.m.•12 views

CVE-2023-26779

CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution RCE...

10AI score0.02023EPSS

Vulnrichment•added 2023/03/03 12:0 a.m.•7 views

CVE-2023-25403

6.9AI score0.00206EPSS

CVE•added 2023/03/03 12:0 a.m.•61 views

CVE-2023-26779

CVE-2023-26779 affects CleverStupidDog yf-exam v1.8.0. The vulnerability is described as a Deserialization flaw that can lead to Remote Code Execution (RCE). CVSS 3.1 base score 9.8 (CRITICAL) with NETWORK attack vector, low attack complexity, no privileges or user interaction required, and impac...

9.8CVSS9.7AI score0.02023EPSS