Lucene search
K

251 matches found

Nuclei
Nuclei
added yesterday95 views

Yeswiki < 4.5.2 - Unauthenticated Path Traversal

YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. id: CVE-2025-31131 info: name: Yeswiki 4.5.2 - Unauthenticated Path Traversal author: iamnoooob,rootxharsh,pdresearch severity: high...

8.6CVSS7.1AI score0.05366EPSS
Exploits6References3
Nuclei
Nuclei
added yesterday7 views

YesWiki Reflected XSS via File Upload

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to reflected XSS in the file upload form. This vulnerability allows any malicious unauthenticated user to create a link that can be clicked on by the victim to perform arbitrary actions. This issue has been...

7.6CVSS6.1AI score0.00582EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday16 views

YesWiki < 4.5.4 - Cross-Site Scripting

YesWiki 4.5.4 contains a reflected cross-site scripting caused by unsanitized idformulaire parameter in /?BazaR endpoint, letting attackers steal cookies and hijack sessions, exploit requires user to click malicious link. id: CVE-2025-46550 info: name: YesWiki 4.5.4 - Cross-Site Scripting author:...

6.1CVSS6AI score0.00498EPSS
Exploits1References2
Circl
Circl
added 5 days ago6 views

CVE-2026-52762

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:30+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-65p8-9433-jpcp...

5.9AI score0.00109EPSS
Exploits0References1
Circl
Circl
added 5 days ago7 views

CVE-2026-52763

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:28+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-89v6-j5x6-cmj3...

5.9AI score0.00044EPSS
Exploits0References1
Circl
Circl
added 5 days ago6 views

CVE-2026-52767

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:23+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-mv28-wj57-f57g...

5.9AI score0.00022EPSS
Exploits0References1
Circl
Circl
added 5 days ago5 views

CVE-2026-52769

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:21+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-vw42-752g-5mrp...

5.9AI score0.00066EPSS
Exploits0References1
Circl
Circl
added 5 days ago6 views

CVE-2026-52770

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:19+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-qg78-vmvc-fhjw...

5.9AI score0.00047EPSS
Exploits0References1
Circl
Circl
added 5 days ago6 views

CVE-2026-52771

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:16+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-8f2v-2qhj-gfwg...

5.9AI score0.00033EPSS
Exploits0References1
Circl
Circl
added 5 days ago6 views

CVE-2026-52772

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:14+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-xc7j-3g8q-9vh4...

5.9AI score0.00034EPSS
Exploits0References1
Circl
Circl
added 5 days ago9 views

CVE-2026-52773

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:12+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-35f3-pg38-486f...

5.9AI score0.00031EPSS
Exploits0References1
Circl
Circl
added 5 days ago7 views

CVE-2026-52774

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:10+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-r5xw-gcgw-hwp5 2026-07-13 06:00:05+00:00| confirmed|...

6.1AI score0.00039EPSS
Exploits0References2
Circl
Circl
added 5 days ago6 views

CVE-2026-52775

creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:07+00:00| published-proof-of-concept| https://github.com/YesWiki/yeswiki/security/advisories/GHSA-4pf7-cc4r-g63h...

5.9AI score0.00034EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago11 views

EUVD-2026-35181

YesWiki has Unsafe eval in its Formula Calculato, Leading to Remote Code Execution & Denial of Service...

9.8CVSS6.1AI score0.00561EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-57027

Name of the Vulnerable Software and Affected Versions YesWiki versions prior to 4.6.6 Description An issue exists in the erasespamedcomments wiki action, located in actions/EraseSpamedCommentsAction.php, which allows unauthenticated users to permanently delete arbitrary wiki pages. The action...

9.1CVSS6.2AI score0.00052EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/06/15 7:3 a.m.11 views

YesWiki < 4.6.4 - Unauthenticated SQL Injection

YesWiki before version 4.6.4 contains an unauthenticated SQL injection vulnerability in the Bazar form-import path. The bnidnature parameter in FormManager::create is concatenated into an INSERT statement without sanitization, allowing unauthenticated attackers to inject arbitrary SQL and read th...

5.8AI score0.0004EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.11 views

CVE-2026-52778

YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator CalcField.php of YesWiki. The application attempts to sanitize user-defined mathematical formulas using a complex recursive regular expression before passin...

9.8CVSS6AI score0.00561EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 7:16 p.m.11 views

CVE-2026-52778

YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator CalcField.php of YesWiki. The application attempts to sanitize user-defined mathematical formulas using a complex recursive regular expression before passin...

9.8CVSS0.00561EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/08 6:24 p.m.9 views

CVE-2026-52778 YesWiki has Unsafe eval() in Formula Calculator - Remote Code Execution (RCE) & Denial of Service (DoS)

YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator CalcField.php of YesWiki. The application attempts to sanitize user-defined mathematical formulas using a complex recursive regular expression before passin...

9.8CVSS6AI score0.00561EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/08 6:24 p.m.10 views

CVE-2026-52778

YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator CalcField.php of YesWiki. The application attempts to sanitize user-defined mathematical formulas using a complex recursive regular expression before passin...

9.8CVSS6AI score0.00561EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder