Filtered by vendor Luya
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-1544 | 1 Luya | 1 Yii-helpers | 2022-05-11 | 6.8 MEDIUM | 7.8 HIGH |
Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained confidential data. | |||||
CVE-2018-18259 | 1 Luya | 1 Luya Cms | 2018-11-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Stored XSS has been discovered in version 1.0.12 of the LUYA CMS software via /admin/api-cms-nav/create-page. |