55 matches found
LyLme spage v1.9.5 - Server-Side Request Forgery
LyLme spage v1.9.5 is vulnerable to server-side request forgery SSRF via the url parameter in apply/index.php. An attacker can force the server to make arbitrary requests, potentially accessing internal resources. id: CVE-2024-36675 info: name: LyLme spage v1.9.5 - Server-Side Request Forgery...
LyLme-Spage - Arbitary File Upload
An arbitrary file upload vulnerability in the component /include/file.php of lylmespage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted file. id: CVE-2024-34982 info: name: LyLme-Spage - Arbitary File Upload author: DhiyaneshDk severity: high description: | An arbitrary...
CVE-2024-34982
An arbitrary file upload vulnerability in the component /include/file.php of lylmespage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted file...
EUVD-2025-14256
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2024-36675
LyLmespage v1.9.5 is vulnerable to Server-Side Request Forgery SSRF via the gethead function...
CVE-2024-9789
A vulnerability was found in LyLmespage 1.9.5 and classified as critical. This issue affects some unknown processing of the file /admin/apply.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may...
CVE-2024-48356
LyLme Spage =1.6.0 is vulnerable to SQL Injection via /admin/group.php...
CVE-2024-48176
Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code will not be refreshed after a failed login, which allows attackers to blast the username and password and log into the system backend...
CVE-2024-48357
LyLme Spage 1.2.0 through 1.6.0 is vulnerable to SQL Injection via /admin/apply.php...
CVE-2023-45952
An arbitrary file upload vulnerability in the component ajaxlink.php of lylmespage v1.7.0 allows attackers to execute arbitrary code via uploading a crafted file...
CVE-2025-4543
A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file lylmespage/blob/master/admin/ajaxlink.php. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-4543 LyLme Spage ajax_link.php sql injection
A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file lylmespage/blob/master/admin/ajaxlink.php. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-4543 LyLme Spage ajax_link.php sql injection
A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file lylmespage/blob/master/admin/ajaxlink.php. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-4543 LyLme Spage ajax_link.php sql injection
A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file lylmespage/blob/master/admin/ajaxlink.php. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-4543
CVE-2025-4543 concerns LyLme Spage v2.1. The vulnerability is an SQL injection in the admin/ajax_link.php endpoint, caused by improper handling of the sort argument. The issue is exploitable remotely and the exploit has been publicly disclosed. Affected component: lylme_spage/blob/master/admin/aj...
LyLme Spage 注入漏洞
LyLme Spage Six Zero navigation page is China Six Zero LyLme open source a navigation page . Dedicated to simple and efficient advertising-free Internet navigation and search portal , support for background links , custom search engine , precipitation of the most valuable links , no commercial...
PT-2025-20665 · Unknown · Lylme Spage
Name of the Vulnerable Software and Affected Versions: LyLme Spage version 2.1 Description: A critical issue was found in LyLme Spage, affecting an unknown part of the file lylme spage/blob/master/admin/ajax link.php. The manipulation of the sort argument leads to SQL injection. It is possible to...
CVE-2024-48176
Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code will not be refreshed after a failed login, which allows attackers to blast the username and password and log into the system backend...
CVE-2024-48176
Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code will not be refreshed after a failed login, which allows attackers to blast the username and password and log into the system backend...
CVE-2024-48176
Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code will not be refreshed after a failed login, which allows attackers to blast the username and password and log into the system backend...