Yeswiki 漏洞列表
共找到 7 个与 Yeswiki 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2025-31131: Yeswiki < 4.5.2 - Unauthenticated Path Traversal POC
YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. -
CVE-2025-31131: Yeswiki < 4.5.2 - Unauthenticated Path Traversal POC
YesWiki is a wiki system written in PHP. The squelette parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. -
yeswiki-sql: YesWiki <2022-07-07 - SQL Injection POC
YesWiki before 2022-07-07 contains a SQL injection vulnerability via the id parameter in the AccueiL URL. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. -
yeswiki-stored-xss: YesWiki - Stored Cross-Site Scripting POC
YesWiki contains a stored contains a cross-site scripting vulnerability via the bf_text field when adding a new entry for Forum. -
yeswiki-xss: YesWiki <2022-07-07 - Cross-Site Scripting POC
YesWiki before 2022-07-07 contains a cross-site scripting vulnerability via the id parameter in the AccueiL URL. -
YesWiki 跨站脚本漏洞 无POC
YesWiki是法国YesWiki组织的一个用 PHP 编写的 wiki 系统。用于以协作方式创建和管理网站。 YesWiki 4.5.4之前版本存在跨站脚本漏洞,该漏洞源于文件上传表单存在反射型跨站脚本攻击。 -
YesWiki 加密问题漏洞 无POC
YesWiki是法国YesWiki组织的一个用 PHP 编写的 wiki 系统。用于以协作方式创建和管理网站。 YesWiki 4.4.5之前版本存在加密问题漏洞,该漏洞使用了弱加密算法和硬编码对密码重置密钥进行哈希处理,导致密钥可被恢复并用于重置任何账户的密码。