VYPR
Vendor

HYBBS2

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2022-24677CriFeb 9, 2022
    risk 0.64cvss 9.8epss 0.02

    Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php.

  • CVE-2022-24676HigFeb 9, 2022
    risk 0.57cvss 8.8epss 0.01

    update_code in Admin.php in HYBBS2 through 2.3.2 allows arbitrary file upload via a crafted ZIP archive.

  • CVE-2019-10644HigMar 30, 2019
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in HYBBS 2.2. /?admin/user.html has a CSRF vulnerability that can add an administrator account.

  • CVE-2018-14499MedMar 7, 2019
    risk 0.40cvss 6.1epss 0.01

    An issue was found in HYBBS through 2016-03-08. There is an XSS vulnerablity via an article title to post.html.