Vulnerabilities > Verydows

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-12	CVE-2023-51949	Cross-Site Request Forgery (CSRF) vulnerability in Verydows 2.0 Verydows v2.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /protected/controller/backend/role_controller network low complexity verydows CWE-352	8.8
2023-05-09	CVE-2020-23363	Cross-Site Request Forgery (CSRF) vulnerability in Verydows Cross Site Request Forgery (CSRF) vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script. network low complexity verydows CWE-352	8.8
2022-04-26	CVE-2022-28058	Path Traversal vulnerability in Verydows 2.0 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\file_controller.php. network low complexity verydows CWE-22	5.5
2022-04-26	CVE-2022-28059	Path Traversal vulnerability in Verydows 2.0 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\database_controller.php. network low complexity verydows CWE-22	5.5
2019-02-16	CVE-2019-8363	Cross-site Scripting vulnerability in Verydows 2.0 Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value. network verydows CWE-79	4.3
2019-02-12	CVE-2019-7753	Cross-site Scripting vulnerability in Verydows 2.0 Verydows 2.0 has XSS via the index.php?m=api&c=stats&a=count referrer parameter. network verydows CWE-79	4.3
2019-02-11	CVE-2019-7737	Cross-Site Request Forgery (CSRF) vulnerability in Verydows 2.0 A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit. network verydows CWE-352	6.8

Vulnerabilities > Verydows {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Verydows"}]}

Vulnerabilities > Verydows