Lucene search
K

5 matches found

CNNVD
CNNVD
added 2026/05/07 12:0 a.m.9 views

Admidio 信息泄露漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there was a vulnerability involving information leakage. This...

2.7CVSS5.9AI score0.00258EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 4:56 p.m.34 views

GHSA-M2P5-FWP2-QCW2 Yii Framework Code Injection

Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension...

8.1CVSS8.6AI score0.0152EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/24 4:56 p.m.19 views

Yii Framework Code Injection

Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension...

8.1CVSS6.8AI score0.0152EPSS
Exploits0References5Affected Software2
Prion
Prion
added 2018/03/21 6:29 p.m.18 views

Design/Logic Flaw

Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension...

6.8CVSS8.7AI score0.0152EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/03/21 6:0 p.m.58 views

CVE-2018-8074

The CVE-2018-8074 entry affects Yii 2.x before 2.0.15. The vulnerability is in framework/db/ActiveRecord.php (findByCondition) where remote attackers can inject unintended SQL conditions via findOne()/findAll(), often in conjunction with the Elasticsearch extension. This is a SQL injection in the...

8.1CVSS8.5AI score0.0152EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder