VYPR

Yourls

by Yourls

Source repositories

CVEs (6)

  • CVE-2021-3734HigAug 26, 2021
    risk 0.50cvss 8.8epss 0.00

    yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames

  • CVE-2022-0088HigApr 3, 2022
    risk 0.44cvss 7.4epss 0.02

    Cross-Site Request Forgery (CSRF) in GitHub repository yourls/yourls prior to 1.8.3.

  • CVE-2021-3783MedSep 15, 2021
    risk 0.33cvss 6.1epss 0.01

    yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-3785MedSep 15, 2021
    risk 0.28cvss 5.4epss 0.01

    yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2014-8488Dec 10, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality.

  • CVE-2011-3824Sep 24, 2011
    risk 0.00cvss epss 0.01

    Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files.