Lucene search
K
PhpyunPhpyun

4 matches found

CVE
CVE
added 2021/05/21 5:11 p.m.74 views

CVE-2020-23768

CVE-2020-23768 describes an information-disclosure vulnerability in PHPPYUN before version 5.0.1, rooted in the Alibaba Payment Interface’s alipay_function.php log file. The issue allows an attacker to obtain users’ personal data, including email addresses and phone numbers. Public documentation ...

7.5CVSS7.1AI score0.01025EPSS
CVE
CVE
added 2018/10/23 7:0 p.m.58 views

CVE-2018-18626

The vulnerability CVE-2018-18626 affects PHPYun v4.6, where del_action() mishandles the sql parameter in admin/model/database.class.php, allowing deletion of arbitrary files or directories via admin/index.php?m=database&c=del. Connected sources (Red Hat, CVE listings, PT-Security) confirm the iss...

7.5CVSS7.5AI score0.0089EPSS
CVE
CVE
added 2011/04/27 12:0 a.m.38 views

CVE-2010-4796

CVE-2010-4796: Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote attackers to execute arbitrary SQL commands via the provinceid parameter to search.php and the e parameter to resumeview.php. These entries indicate the affected product and vulnerable parameters, with impacts desc...

7.5CVSS8.8AI score0.01084EPSS
CVE
CVE
added 2018/10/27 10:0 p.m.36 views

CVE-2018-18713

CVE-2018-18713 affects PHPYun 4.6. The vulnerability is in the function down_sql_action() of /admin/model/database.class.php, allowing remote attackers to read arbitrary files via directory traversal using the URI m=database&c=down_sql&name=../. Impact is reading local files; no in-field exploit ...

7.5CVSS7.5AI score0.02304EPSS