EUVD-2022-2916

Malicious code in bioql PyPI...

HumHub Cross-Site Scripting Vulnerability (CNVD-2022-82657)

HumHub is a set of open source social networking software written on the Yii PHP framework. HumHub suffers from a cross-site scripting vulnerability that could be exploited by attackers to insert malicious javascript into the space name...

HumHub has an unspecified vulnerability (CNVD-2022-82660)

Humhub is a set of open source social networking software written on the Yii PHP framework. HumHub has a security vulnerability that could be exploited by attackers to escalate privileges...

HumHub Licensing Issue Vulnerability

Humhub is a set of open source social networking software written on the Yii PHP framework. HumHub suffers from an authorization issue vulnerability that stems from the possibility of registered users becoming unauthorized members of a private space. No detailed vulnerability details are availabl...

Yii PHP Framework arbitrary PHP scripts execution

The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property...

CVE-2014-4672

The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property...

Code injection

The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property...

CVE-2014-4672

CVE-2014-4672 affects Yii PHP Framework 1.1.14: the CDetailView widget’s value property can be exploited to execute arbitrary PHP scripts on the server. Public documents state the issue arises when user input is used to configure the value attribute, enabling remote code execution. A fix was rele...

CVE-2014-4672

The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property...