Vulnerabilities > Yeswiki
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-25 | CVE-2021-43091 | SQL Injection vulnerability in Yeswiki 4.1.0 An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form. | 7.5 |
| 2019-01-02 | CVE-2018-13045 | SQL Injection vulnerability in Yeswiki Cercopitheque 201806191 SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter. | 9.8 |
| 2018-08-20 | CVE-2018-1000641 | Deserialization of Untrusted Data vulnerability in Yeswiki 201210221/201310171/201603171 YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information. | 9.8 |