Vulnerabilities > Hyphp

DATE CVE VULNERABILITY TITLE RISK
2022-02-09 CVE-2022-24676 Unrestricted Upload of File with Dangerous Type vulnerability in Hyphp Hybbs2
update_code in Admin.php in HYBBS2 through 2.3.2 allows arbitrary file upload via a crafted ZIP archive.
network
low complexity
hyphp CWE-434
6.5
2022-02-09 CVE-2022-24677 Unspecified vulnerability in Hyphp Hybbs2
Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php.
network
low complexity
hyphp
7.5
2019-03-30 CVE-2019-10644 Cross-Site Request Forgery (CSRF) vulnerability in Hyphp Hybbs 2.2
An issue was discovered in HYBBS 2.2.
network
hyphp CWE-352
6.8
2019-03-07 CVE-2018-14499 Cross-site Scripting vulnerability in Hyphp Hybbs 2.2/20160308
An issue was found in HYBBS through 2016-03-08.
network
hyphp CWE-79
4.3