Filtered by vendor Lylme
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-36675 | 1 Lylme | 1 Lylme Spage | 2024-06-11 | N/A | 9.1 CRITICAL |
| LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function. | |||||
| CVE-2023-45952 | 1 Lylme | 1 Lylme Spage | 2023-10-25 | N/A | 9.8 CRITICAL |
| An arbitrary file upload vulnerability in the component ajax_link.php of lylme_spage v1.7.0 allows attackers to execute arbitrary code via uploading a crafted file. | |||||
| CVE-2023-45951 | 1 Lylme | 1 Lylme Spage | 2023-10-24 | N/A | 9.8 CRITICAL |
| lylme_spage v1.7.0 was discovered to contain a SQL injection vulnerability via the $userip parameter at function.php. | |||||