Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

yiisoft

4 Products 8 CVEs

CVE Severity Distribution (All Time)

Critical
0
High
5
Medium
3
Low
0

Timeline Overview

Last 30 Days 0 CVEs
Last 6 Months 0 CVEs
Last Year 0 CVEs

Products

View all

yiisoft/yii2

2 Versions 2 CVEs

yii2-authclient

1 Version 2 CVEs

yii2

2 Versions 2 CVEs

yii

2 Versions 2 CVEs

Recent CVEs

CVE-2024-32877 MEDIUM 1 year, 3 months ago

Yii 2 is a PHP application framework. During internal penetration testing of a product based on Yii2, users discovered a Cross-site Scripting (XSS) v…

CVE-2023-50714 MEDIUM 1 year, 8 months ago

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to v…

CVE-2023-50708 MEDIUM 1 year, 8 months ago

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to v…

CVE-2023-47130 HIGH 1 year, 9 months ago

Yii is an open source PHP web framework. yiisoft/yii before version 1.1.29 are vulnerable to Remote Code Execution (RCE) if the application calls `un…

CVE-2022-41922 HIGH 2 years, 9 months ago

`yiisoft/yii` before version 1.1.27 are vulnerable to Remote Code Execution (RCE) if the application calls `unserialize()` on arbitrary user input. T…

CVE-2021-3692 HIGH 4 years ago

yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator

CVE-2021-3689 HIGH 4 years ago

yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator

CVE-2020-15148 HIGH 4 years, 11 months ago

Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. T…