VYPR
Vendor

Dreamfactorysoftware

Products
2
CVEs
2
Across products
2
Status
Private

Products

2

Recent CVEs

2
  • CVE-2025-55988HigMar 20, 2026
    risk 0.40cvss 7.2epss 0.01

    An issue in the component /Controllers/RestController.php of DreamFactory Core v1.0.3 allows attackers to execute a directory traversal via an unsanitized URI path.

  • CVE-2025-13700HigDec 23, 2025
    risk 0.40cvss 7.2epss 0.01

    DreamFactory saveZipFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of DreamFactory. Authentication is required to exploit this vulnerability. The specific flaw exists…