Yiiframework: >> Yii >> 2.0.4 Security Vulnerabilities
Yii 2.x before 2.0.15 allows remote attackers to execute arbitrary LUA code via a variant of the CVE-2018-7269 attack in conjunction with the Redis extension.
CVSS Score
9.8
EPSS Score
0.01
Published
2018-03-21
Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension.
CVSS Score
8.1
EPSS Score
0.009
Published
2018-03-21
Page 2