VYPR
Vendor

PHP-Factory

Products
4
CVEs
4
Across products
6
Status
Private

Products

4

Recent CVEs

4
  • CVE-2020-5616CriAug 4, 2020
    risk 0.64cvss 9.8epss 0.03

    [Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free edition ver1.0.0, [Calendar02] free edition ver1.0.0, [PKOBO-News01] free edition ver1.0.3 and earlier, [PKOBO-vote01] free edition ver1.0.1 and…

  • CVE-2020-5615HigAug 4, 2020
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in [Calendar01] free edition ver1.0.0 and [Calendar02] free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors.

  • CVE-2021-20725MedMay 24, 2021
    risk 0.40cvss 6.1epss 0.01

    Reflected cross-site scripting vulnerability in the admin page of [Calendar01] free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors.

  • CVE-2021-20723MedMay 24, 2021
    risk 0.40cvss 6.1epss 0.01

    Reflected cross-site scripting vulnerability in [MailForm01] free edition (versions which the last updated date listed at the top of descriptions in the program file is from 2014 December 12 to 2018 July 27) allows a remote attacker to inject an arbitrary script via unspecified…