Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-7cfq-72w2-24q4: Yii2 allows attackers to execute any local .php file via a relative path in the view parameter

web\ViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter.

ghsa
#web#git#php

Yii2 allows attackers to execute any local .php file via a relative path in the view parameter

Moderate severity GitHub Reviewed Published Sep 21, 2023 to the GitHub Advisory Database • Updated Sep 21, 2023

Related news

CVE-2015-5467: security-advisories/yiisoft/yii2-dev/CVE-2015-5467.yaml at master · FriendsOfPHP/security-advisories

web\ViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter.

ghsa: Latest News

GHSA-8gc2-vq6m-rwjw: Amazon Redshift Python Connector vulnerable to SQL Injection