YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information.
9.8CVSS
9.4AI Score
0.003EPSS
SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.
9.8CVSS
9.9AI Score
0.003EPSS
An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form.
7.5CVSS
8AI Score
0.001EPSS