RSS   Vulnerabilities for 'Hybbs2'   RSS

2022-02-09
 
CVE-2022-24676

CWE-434
 
 
update_code in Admin.php in HYBBS2 through 2.3.2 allows arbitrary file upload via a crafted ZIP archive.

 
 
CVE-2022-24677

NVD-CWE-noinfo
 
 
Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php.

 

 >>> Vendor: Hyphp 2 Products
Hybbs
Hybbs2

Copyright 2024, cxsecurity.com

 

Back to Top