CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

Yahoo User Interface library (YUI2) TreeView v2.8.2 - Cross-Site Scripting

Reflected cross-site scripting XSS exists in the TreeView of YUI2 through 2800: up.php sam.php renderhidden.php removechildren.php removeall.php readd.php overflow.php newnode2.php newnode.php. id: CVE-2022-48197 info: name: Yahoo User Interface library YUI2 TreeView v2.8.2 - Cross-Site Scripting...

6.1CVSS6.2AI score0.36735EPSS

Exploits3References5

Snyk•added 2025/09/05 3:40 a.m.•2 views

Malicious Package

Overview yui2-treeview is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score

Exploits0References2

OSV•added 2025/09/05 3:40 a.m.•1 views

MAL-2025-42157 Malicious code in yui2-animation (npm)

The package yui2-animation was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 075f8fc51a15a005755c226c80fb0355dda105449ade6f949deced74ddbd7b56 Any computer that has this package installed or running should be considered fully...

6.9AI score

Exploits0References3

OSSF Malicious Packages•added 2025/09/05 3:40 a.m.•2 views

Malicious code in yui2-treeview (npm)

The package yui2-treeview was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe84263428228e04358ddd36ac76a8372fa21980918b3a9acd4144397683ea32 Any computer that has this package installed or running should be considered fully...

6.9AI score

Exploits0References3

OSSF Malicious Packages•added 2025/09/05 3:40 a.m.•2 views

Malicious code in yui2-animation (npm)

6.9AI score

Exploits0References3

OSV•added 2025/09/05 3:40 a.m.•1 views

MAL-2025-42158 Malicious code in yui2-treeview (npm)

6.9AI score

Exploits0References3

RedhatCVE•added 2025/05/23 12:32 a.m.•6 views

CVE-2022-48197

Reflected cross-site scripting XSS exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

6.1CVSS5.8AI score0.36735EPSS

Exploits3References1

Packet Storm•added 2023/04/03 12:0 a.m.•207 views

Yahoo User Interface TreeView 2.8.2 Cross Site Scripting

Exploit Title: Yahoo User Interface library YUI2 TreeView v2.8.2 - Multiple Reflected Cross Site Scripting XSS Google Dork: N/A Date: 2/1/2023 Exploit Author: Rian Saaty Vendor Homepage: https://yui.github.io/yui2/ Software Link: https://yui.github.io/yui2/ Version: 2.8.2 Tested on: MacOS,...

6.1CVSS6.4AI score0.36735EPSS

Exploits3

Exploit DB•added 2023/04/01 12:0 a.m.•193 views

Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)

6.1CVSS6.3AI score0.36735EPSS

Exploits3

NVD•added 2023/01/02 4:15 p.m.•13 views

CVE-2022-48197

6.1CVSS6AI score0.36735EPSS

Exploits3References6

OSV•added 2023/01/02 4:15 p.m.•24 views

CVE-2022-48197

6.1CVSS5.9AI score0.36735EPSS

Exploits3References6

Prion•added 2023/01/02 4:15 p.m.•21 views

Cross site scripting

Reflected cross-site scripting XSS exists in the TreeView of YUI2 through 2800: up.php sam.php renderhidden.php removechildren.php removeall.php readd.php overflow.php newnode2.php newnode.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

5.8CVSS5.9AI score0.36735EPSS

Exploits3References3Affected Software1

UbuntuCve•added 2023/01/02 4:15 p.m.•36 views

CVE-2022-48197

6.1CVSS6.3AI score0.36735EPSS

Exploits3References4

CVE•added 2023/01/02 12:0 a.m.•119 views

CVE-2022-48197

CVE-2022-48197 is a reflected XSS in Yahoo User Interface (YUI2) TreeView v2.8.2. The vulnerability exists in the TreeView PHP files (up.php, sam.php, renderhidden.php, removechildren.php, removeall.php, readd.php, overflow.php, newnode2.php, newnode.php) and is exploitable via crafted mode param...

6.1CVSS5.9AI score0.36735EPSS

Exploits3References6Affected Software1

Vulnrichment•added 2023/01/02 12:0 a.m.•18 views

CVE-2022-48197

5.8AI score0.36735EPSS

Exploits3References6

Cvelist•added 2023/01/02 12:0 a.m.•14 views

CVE-2022-48197

6.2AI score0.36735EPSS

Exploits3References6

Positive Technologies•added 2023/01/02 12:0 a.m.•4 views

PT-2023-15613 · Yui2 · Yui2

Name of the Vulnerable Software and Affected Versions: YUI2 affected versions not specified Description: Reflected cross-site scripting XSS exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component, and the YUI Javascript library overall are not affected...

6.1CVSS6AI score0.36735EPSS

Exploits3References15

Tenable Nessus•added 2012/11/26 12:0 a.m.•8 views

Fedora 16 : bugzilla-4.0.9-1.fc16 (2012-18224)

These releases fix a number of issues with Bugzilla. - Confidential product and component names can be disclosed to unauthorized users if they are used to control the visibility of a custom field. - When calling the 'User.get' WebService method with a 'groups' argument, it is possible to check if...

5.6AI score

Exploits0References1

Tenable Nessus•added 2012/11/26 12:0 a.m.•10 views

Fedora 17 : bugzilla-4.0.9-1.fc17 (2012-18210)

5.6AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by