Vulnerabilities > Diyhi > BBS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-28 | CVE-2021-43097 | Code Injection vulnerability in Diyhi BBS 5.3 A Server-side Template Injection (SSTI) vulnerability exists in bbs 5.3 in TemplateManageAction.javawhich could let a malicoius user execute arbitrary code. | 7.2 |
| 2022-03-28 | CVE-2021-43098 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs v5.3 via QuestionManageAction.java in a getType function. | 7.2 |
| 2022-03-28 | CVE-2021-43100 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs 5.3 is via TopicManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code. | 7.2 |
| 2022-03-28 | CVE-2021-43101 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs 5.3 is via MembershipCardManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code. | 7.2 |
| 2022-03-28 | CVE-2021-43102 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code. | 7.2 |
| 2022-03-28 | CVE-2021-43103 | Unrestricted Upload of File with Dangerous Type vulnerability in Diyhi BBS 5.3 A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code. | 7.2 |