VYPR

HadSky

by HadSky

CVEs (6)

  • CVE-2023-46428HigNov 1, 2023
    risk 0.57cvss 8.8epss 0.01

    An arbitrary file upload vulnerability in HadSky v7.12.10 allows attackers to execute arbitrary code via a crafted file.

  • CVE-2023-1685MedMar 29, 2023
    risk 0.41cvss 6.3epss 0.04

    A vulnerability was found in HadSky up to 7.11.8. It has been declared as critical. This vulnerability affects unknown code of the file /install/index.php of the component Installation Interface. The manipulation leads to command injection. The attack can be initiated remotely.…

  • CVE-2024-30885MedApr 11, 2024
    risk 0.40cvss 6.1epss 0.01

    Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component .

  • CVE-2024-30886MedApr 23, 2024
    risk 0.35cvss 5.4epss 0.00

    A stored cross-site scripting (XSS) vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter.

  • CVE-2023-1684MedMar 29, 2023
    risk 0.31cvss 4.7epss 0.01

    A vulnerability was found in HadSky 7.7.16. It has been classified as problematic. This affects an unknown part of the file upload/index.php?c=app&a=superadmin:index. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has…

  • CVE-2023-3579MedJul 10, 2023
    risk 0.28cvss 4.3epss 0.00

    A vulnerability, which was classified as problematic, has been found in HadSky 7.11.8. Affected by this issue is some unknown functionality of the component User Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has…