Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vvveb — Vulnerabilities & Security Advisories 19

All 19 CVE vulnerabilities found in Vvveb, with AI-generated Chinese analysis, references, and POCs.

Vendor: givanz

CVE IDTitleCVSSSeverityPublished
CVE-2026-39918 Vvveb < 1.0.8.1 Code Injection via Installation Endpoint CWE-94 9.8 Critical2026-04-20
CVE-2026-34428 Vvveb < 1.0.8.1 SSRF via oEmbedProxy CWE-918 7.7 High2026-04-20
CVE-2026-34427 Vvveb < 1.0.8.1 Privilege Escalation via admin/user/save CWE-915 8.8 High2026-04-20
CVE-2026-34429 Vvveb < 1.0.8.1 Stored XSS via Media Upload and Rename CWE-79 5.4 Medium2026-04-20
CVE-2025-12203 givanz Vvveb Code Editor functions.php sanitizeFileName path traversal CWE-22 6.3 Medium2025-10-27
CVE-2025-11944 givanz Vvveb Raw SQL import.php import sql injection CWE-89 4.7 Medium2025-10-19
CVE-2025-11029 givanz Vvveb cross-site request forgery CWE-352 4.3 Medium2025-09-26
CVE-2025-11028 givanz Vvveb Image information disclosure CWE-200 5.3 Medium2025-09-26
CVE-2025-11027 givanz Vvveb SVG File cross site scripting CWE-79 2.4 Low2025-09-26
CVE-2025-11026 givanz Vvveb Configuration File information disclosure CWE-200 3.5 Low2025-09-26
CVE-2025-9728 givanz Vvveb login.tpl cross site scripting CWE-79 4.3 Medium2025-08-31
CVE-2025-9397 givanz Vvveb media.php unrestricted upload CWE-434 6.3 Medium2025-08-24
CVE-2025-8976 givanz Vvveb Endpoint post cross site scripting CWE-79 3.5 Low2025-08-14
CVE-2025-8975 givanz Vvveb edit.tpl cross site scripting CWE-79 3.5 Low2025-08-14
CVE-2025-8521 givanz Vvveb Add Type post-types cross site scripting CWE-79 2.4 Low2025-08-04
CVE-2025-8520 givanz Vvveb Drag-and-Drop Editor editor server-side request forgery CWE-918 4.7 Medium2025-08-04
CVE-2025-8519 givanz Vvveb Drag-and-Drop Editor editor information disclosure CWE-200 2.7 Low2025-08-04
CVE-2025-8518 givanz Vvveb Code Editor code.php save code injection CWE-94 4.7 Medium2025-08-04
CVE-2025-8517 givanz Vvveb session fixiation CWE-384 6.3 Medium2025-08-04

All 19 known CVE vulnerabilities affecting Vvveb with full Chinese analysis, references, and POCs where available.