hyyyp/HYBBS2

hyyyp/HYBBS2

Releases10

Frequency3 weeks 5 days

Last Release over 6 years ago

Stars113

基于HYPHP MVC框架开发的PHP论坛程序，拥有插件、模板扩展。

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-24676 ↗	Feb 9, 2022Wednesday, 9 February 2022, 00:15	8.8 HIGH	6.5 MEDIUM
update_code in Admin.php in HYBBS2 through 2.3.2 allows arbitrary file upload via a crafted ZIP archive.
CVE-2022-24677 ↗	Feb 9, 2022Wednesday, 9 February 2022, 00:15	9.8 CRITICAL	7.5 HIGH
Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php.
CVE-2019-10644 ↗	Mar 30, 2019Saturday, 30 March 2019, 03:29	—	6.8 MEDIUM
An issue was discovered in HYBBS 2.2. /?admin/user.html has a CSRF vulnerability that can add an administrator account.