Vulnerabilities > Yeswiki > Yeswiki

DATE CVE VULNERABILITY TITLE RISK
2022-03-25 CVE-2021-43091 SQL Injection vulnerability in Yeswiki 4.1.0
An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form.
network
low complexity
yeswiki CWE-89
5.0
5.0
2018-08-20 CVE-2018-1000641 Deserialization of Untrusted Data vulnerability in Yeswiki 201210221/201310171/201603171
YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information.
network
low complexity
yeswiki CWE-502
7.5
7.5