VYPR

Vvvebjs

by Givanz

Source repositories

CVEs (6)

  • CVE-2025-8522MedAug 4, 2025
    risk 0.33cvss 5.0epss 0.00

    A vulnerability, which was classified as critical, was found in givanz Vvvebjs up to 2.0.4. Affected is an unknown function of the file /save.php of the component node.js. The manipulation of the argument File leads to path traversal. It is possible to launch the attack…

  • CVE-2026-5615MedApr 6, 2026
    risk 0.21cvss 4.3epss 0.01

    A weakness has been identified in givanz Vvvebjs up to 2.0.5. The affected element is an unknown function of the file upload.php of the component File Upload Endpoint. This manipulation of the argument uploadAllowExtensions causes cross site scripting. Remote exploitation of the…

  • CVE-2024-25183Dec 29, 2025
    risk 0.00cvss epss 0.01

    givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php.

  • CVE-2024-25182Dec 29, 2025
    risk 0.00cvss epss 0.00

    givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php.

  • CVE-2024-25181Dec 29, 2025
    risk 0.00cvss epss 0.00

    A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery (SSRF) and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "file_get_contents" function within the "save.php"…

  • CVE-2024-27480Dec 29, 2025
    risk 0.00cvss epss 0.00

    givanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload.