RSS   Vulnerabilities for 'Verydows'   RSS

2022-04-26
 
CVE-2022-28058

CWE-22
 

 
Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\file_controller.php.

 
 
CVE-2022-28059

CWE-22
 

 
Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\database_controller.php.

 
2019-02-16
 
CVE-2019-8363

CWE-79
 

 
Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value.

 
2019-02-12
 
CVE-2019-7753

CWE-79
 

 
Verydows 2.0 has XSS via the index.php?m=api&c=stats&a=count referrer parameter.

 
2019-02-11
 
CVE-2019-7737

CWE-352
 

 
A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit.

 


Copyright 2024, cxsecurity.com

 

Back to Top