CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Yiiframework: >> Yii >> 2.0.12.2 Security Vulnerabilities

CVE-2018-8074

Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension.

CVSS Score

8.1

EPSS Score

0.009

Published

2018-03-21

Page 2

Vulnerabilities

Vulnerable Software

Yiiframework: >> Yii >> 2.0.12.2 Security Vulnerabilities

Products

Pricing

Contact Us