Verydows

verydows

Vendor: Verydows • 7 CVEs

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-51949 1Verydows 1Verydows Jun 17, 2025 Jan 12, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Verydows v2.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /protected/controller/backend/role_controller
CVE-2020-23363 1Verydows 1Verydows Jan 29, 2025 May 9, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross Site Request Forgery (CSRF) vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script.
CVE-2022-28059 1Verydows 1Verydows Nov 21, 2024 Apr 26, 2022 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\database_controller.php.
CVE-2022-28058 1Verydows 1Verydows Nov 21, 2024 Apr 26, 2022 N/A· v4 8.1 HIGH· v3 5.5 MEDIUM· v2 Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\file_controller.php.
CVE-2019-8363 1Verydows 1Verydows Jun 17, 2026 Feb 16, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value.
CVE-2019-7753 1Verydows 1Verydows Jun 17, 2026 Feb 12, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Verydows 2.0 has XSS via the index.php?m=api&c=stats&a=count referrer parameter.
CVE-2019-7737 1Verydows 1Verydows Jun 17, 2026 Feb 11, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit.