4 matches found
PT-2025-15701 · Verydows · Verydows
Name of the Vulnerable Software and Affected Versions: verydows version 2.0 Description: The issue is related to insecure permissions, allowing a remote attacker to execute arbitrary code by uploading a specific file type. This can be achieved through the action of loading a particular type of...
CVE-2025-29394
An insecure permissions vulnerability in verydows v2.0 allows a remote attacker to execute arbitrary code by uploading a file type...
PT-2024-14335 · Verydows · Verydows
Name of the Vulnerable Software and Affected Versions: Verydows version 2.0 Description: The issue is related to a Cross-Site Request Forgery CSRF in the /protected/controller/backend/role controller component. This allows for unauthorized actions to be performed on behalf of a user without their...
CVE-2023-51949
Verydows v2.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /protected/controller/backend/rolecontroller...