VYPR
Vendor

Phpyun

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2024-54724CriJan 9, 2025
    risk 0.64cvss 9.8epss 0.01

    PHPYun before 7.0.2 is vulnerable to code execution through backdoor-restricted arbitrary file writing and file inclusion.

  • CVE-2020-23768HigMay 21, 2021
    risk 0.49cvss 7.5epss 0.01

    An information disclosure vulnerability was discovered in alipay_function.php in the log file of Alibaba payment interface on PHPPYUN prior to version 5.0.1. If exploited, this vulnerability will allow attackers to obtain users' personally identifiable information including…

  • CVE-2018-18713HigOct 29, 2018
    risk 0.49cvss 7.5epss 0.02

    The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI.

  • CVE-2018-18626HigOct 23, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in PHPYun V4.6. There is a vulnerability that can delete any file or directory via the "admin/index.php?m=database&c=del" sql parameter because del_action() in admin/model/database.class.php mishandles this parameter.

  • CVE-2010-4796Apr 27, 2011
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) provinceid parameter to search.php and the (2) e parameter to resumeview.php.