| CVE-2026-39850 |
high |
7.4 |
7.4 |
|
|
|
23d ago |
Yii 2: Local file inclusion via view parameter name collision |
| CVE-2017-11516 |
medium |
6.1 |
6.1 |
|
|
|
9y ago |
Yii Cross-site Scripting Framework vulnerability |
| CVE-2017-7271 |
medium |
6.1 |
6.1 |
|
|
|
9y ago |
Yii Framework Reflected XSS |
| CVE-2015-3397 |
medium |
— |
4.3 |
|
|
|
11y ago |
Yii Framework Cross-site Scripting Vulnerability |
| CVE-2024-58136 |
unknown |
— |
1.5 |
|
|
|
1y ago |
Yii Framework contains an improper protection of alternate path vulnerability that may allow a remote attacker to execute arbitrary code. This vulnerability could affect other products that implement… |
| CVE-2024-4990 |
unknown |
— |
— |
|
|
|
2y ago |
Unsafe Reflection in base Component class in yiisoft/yii2 |
| CVE-2024-32877 |
unknown |
— |
— |
|
|
|
2y ago |
Reflected Cross-site Scripting in yiisoft/yii2 Debug mode |
| CVE-2015-5467 |
unknown |
— |
— |
|
|
|
3y ago |
Yii2 allows attackers to execute any local .php file via a relative path in the view parameter |
| CVE-2018-6009 |
unknown |
— |
— |
|
|
|
4y ago |
Yii Framework Cross-Site Request Forgery (CSRF) |
| CVE-2018-20745 |
unknown |
— |
— |
|
|
|
4y ago |
Yii Incorrectly Implements CORS |
| CVE-2018-6010 |
unknown |
— |
— |
|
|
|
4y ago |
Yii Framework reflected Cross-site Scripting |
| CVE-2020-15148 |
unknown |
— |
— |
|
|
|
6y ago |
Unsafe deserialization in Yii 2 |
