Verydows
by Verytops
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-23363 | Hig | 0.57 | 8.8 | 0.00 | May 9, 2023 | Cross Site Request Forgery (CSRF) vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script. | ||
| CVE-2019-7737 | Hig | 0.57 | 8.8 | 0.01 | Feb 11, 2019 | A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit. | ||
| CVE-2025-29394 | Hig | 0.53 | 8.1 | 0.01 | Apr 9, 2025 | An insecure permissions vulnerability in verydows v2.0 allows a remote attacker to execute arbitrary code by uploading a file type. | ||
| CVE-2019-8363 | Med | 0.40 | 6.1 | 0.01 | Feb 16, 2019 | Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value. |
- risk 0.57cvss 8.8epss 0.00
Cross Site Request Forgery (CSRF) vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script.
- risk 0.57cvss 8.8epss 0.01
A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit.
- risk 0.53cvss 8.1epss 0.01
An insecure permissions vulnerability in verydows v2.0 allows a remote attacker to execute arbitrary code by uploading a file type.
- risk 0.40cvss 6.1epss 0.01
Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value.