Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Yourls'
2022-04-03
CVE-2022-0088
CWE-352
Cross-Site Request Forgery (CSRF) in GitHub repository yourls/yourls prior to 1.8.3.
2021-09-15
CVE-2021-3783
CWE-79
yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3785
CWE-79
yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2021-08-26
CVE-2021-3734
CWE-352
yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames
2020-10-23
CVE-2020-27388
CWE-79
Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues.
2019-08-07
CVE-2019-14537
CWE-287
YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass.
2014-12-09
CVE-2014-8488
Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality.
2011-09-23
CVE-2011-3824
CWE-200
Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files.
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Yourls' 