← Back

Hadsky

hadsky

Vendor: Hadsky • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-30886
1Hadsky
1Hadsky
May 21, 2025
Apr 23, 2024
N/A· v4
5.4 MEDIUM· v3
N/A· v2
A stored cross-site scripting (XSS) vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter.
CVE-2024-30885
1Hadsky
1Hadsky
May 21, 2025
Apr 11, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component .
CVE-2023-46428
1Hadsky
1Hadsky
Nov 21, 2024
Nov 1, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
An arbitrary file upload vulnerability in HadSky v7.12.10 allows attackers to execute arbitrary code via a crafted file.
CVE-2023-3579
1Hadsky
1Hadsky
Nov 21, 2024
Jul 10, 2023
N/A· v4
8.8 HIGH· v3
5.0 MEDIUM· v2
A vulnerability, which was classified as problematic, has been found in HadSky 7.11.8. Affected by this issue is some unknown functionality of the component User Handler. The manipulation leads to cross-site request forg...Show more
A vulnerability, which was classified as problematic, has been found in HadSky 7.11.8. Affected by this issue is some unknown functionality of the component User Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-233372.Show less
CVE-2023-1685
1Hadsky
1Hadsky
Jun 17, 2026
Mar 29, 2023
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
A vulnerability was found in HadSky up to 7.11.8. It has been declared as critical. This vulnerability affects unknown code of the file /install/index.php of the component Installation Interface. The manipulation leads t...Show more
A vulnerability was found in HadSky up to 7.11.8. It has been declared as critical. This vulnerability affects unknown code of the file /install/index.php of the component Installation Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-224242 is the identifier assigned to this vulnerability.Show less
CVE-2023-1684
1Hadsky
1Hadsky
Jun 17, 2026
Mar 29, 2023
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability was found in HadSky 7.7.16. It has been classified as problematic. This affects an unknown part of the file upload/index.php?c=app&a=superadmin:index. The manipulation leads to unrestricted upload. It is...Show more
A vulnerability was found in HadSky 7.7.16. It has been classified as problematic. This affects an unknown part of the file upload/index.php?c=app&a=superadmin:index. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224241 was assigned to this vulnerability.Show less