Aggregates CVE and security vulnerability intelligence across all heybbs_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection, with potential vendor impact data exposure across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-25006 | Heybbs v1.2 has a SQL injection vulnerability in login.php file via the username parameter which may allow a remote attacker to execute arbitrary code. | [email protected] | 9.8 | 1.49% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25005 | Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code. | [email protected] | 9.8 | 1.49% | 2020-09-03 | 2024-11-21 |
| CVE-2020-25004 | Heybbs v1.2 has a SQL injection vulnerability in user.php file via the ID parameter which may allow a remote attacker to execute arbitrary code. | [email protected] | 9.8 | 1.49% | 2020-09-03 | 2024-11-21 |