Skip to main content

Heybbs

3 CVEs product

Monthly

CVE-2020-25006 CRITICAL POC Act Now

Heybbs v1.2 has a SQL injection vulnerability in login.php file via the username parameter which may allow a remote attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi PHP Heybbs
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-25005 CRITICAL POC Act Now

Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi PHP Heybbs
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-25004 CRITICAL POC Act Now

Heybbs v1.2 has a SQL injection vulnerability in user.php file via the ID parameter which may allow a remote attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi PHP Heybbs
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.3%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Heybbs v1.2 has a SQL injection vulnerability in login.php file via the username parameter which may allow a remote attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi PHP +1
NVD Exploit-DB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi PHP +1
NVD Exploit-DB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Heybbs v1.2 has a SQL injection vulnerability in user.php file via the ID parameter which may allow a remote attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi PHP +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy