CVE-2026-39850 high 7.4
7.4
16d ago
Yii 2: Local file inclusion via view parameter name collision
php
CVE-2017-11516 medium 6.1
6.1
9y ago
Yii Cross-site Scripting Framework vulnerability
php
CVE-2017-7271 medium 6.1
6.1
9y ago
Yii Framework Reflected XSS
php
CVE-2015-3397 medium —
4.3
11y ago
Yii Framework Cross-site Scripting Vulnerability
php
CVE-2024-58136 unknown —
1.5
1y ago
Yii Framework contains an improper protection of alternate path vulnerability that may allow a remote attacker to execute arbitrary code. This vulnerability could affect other products that implement…
php
CVE-2024-4990 unknown —
—
2y ago
Unsafe Reflection in base Component class in yiisoft/yii2
php
CVE-2024-32877 unknown —
—
2y ago
Reflected Cross-site Scripting in yiisoft/yii2 Debug mode
php
CVE-2015-5467 unknown —
—
3y ago
Yii2 allows attackers to execute any local .php file via a relative path in the view parameter
php
CVE-2018-6009 unknown —
—
4y ago
Yii Framework Cross-Site Request Forgery (CSRF)
php
CVE-2018-20745 unknown —
—
4y ago
Yii Incorrectly Implements CORS
php
CVE-2018-6010 unknown —
—
4y ago
Yii Framework reflected Cross-site Scripting
php
CVE-2020-15148 unknown —
—
6y ago
Unsafe deserialization in Yii 2
php