Yiiframework CVE

Filtered by vendor Yiiframework Subscribe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-3397	1 Yiiframework	1 Yiiframework	2016-12-06	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON, arrays, and Internet Explorer 6 or 7.
CVE-2014-4672	1 Yiiframework	1 Yiiframework	2014-07-24	7.5 HIGH	N/A
The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property.

Vulnerabilities (CVE)