6 matches found
Yii 输入验证错误漏洞
Yii is a high-performance PHP framework developed by the YII team. It is designed for developing large-scale web applications using components. Yii 2 versions 2.0.54 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from a logical flaw in the cor...
CVE-2023-47130
Yii is an open source PHP web framework. yiisoft/yii before version 1.1.29 are vulnerable to Remote Code Execution RCE if the application calls unserialize on arbitrary user input. An attacker may leverage this vulnerability to compromise the host system. A fix has been developed for the 1.1.29...
Yiiframework Yii Improper Protection of Alternate Path Vulnerability
Yii Framework contains an improper protection of alternate path vulnerability that may allow a remote attacker to execute arbitrary code. This vulnerability could affect other products that implement Yii, including—but not limited to—Craft CMS, as represented by CVE-2025-32432...
Yii2 代码问题漏洞
Yii2 is a fast, secure and professional PHP framework from Yii Open Source. A code issue vulnerability exists in Yii2 2.0.45 and earlier versions, which stems from a deserialization issue and could lead to remote attacks...
PT-2025-15893
Name of the Vulnerable Software and Affected Versions Yii 2 versions prior to 2.0.52 Description The issue arises from the mishandling of behavior attachment, specifically when behaviors are defined by a class array key. This has been exploited in the wild, with approximately 13,000 vulnerable...
The vulnerability of the PHP framework Yii, related to the restoration of unreliable data structures in memory, allows attackers to execute arbitrary code.
The vulnerability of the PHP framework Yii is related to the restoration of unreliable data structures in memory. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...