Vulnerabilities (CVE)

Filtered by vendor Hyphp Subscribe

Filtered by product Hybbs2

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-24677	1 Hyphp	1 Hybbs2	2024-11-21	7.5 HIGH	9.8 CRITICAL
Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php.
CVE-2022-24676	1 Hyphp	1 Hybbs2	2024-11-21	6.5 MEDIUM	8.8 HIGH
update_code in Admin.php in HYBBS2 through 2.3.2 allows arbitrary file upload via a crafted ZIP archive.