Every CVE whose affected-product data names Diyhi Bbs, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2021-43097 — CVSS 7.2 (high): A Server-side Template Injection (SSTI) vulnerability exists in bbs 5.3 in TemplateManageAction.javawhich could let a malicoius user…
CVE-2021-43098 — CVSS 7.2 (high): A File Upload vulnerability exists in bbs v5.3 via QuestionManageAction.java in a getType function.
CVE-2021-43100 — CVSS 7.2 (high): A File Upload vulnerability exists in bbs 5.3 is via TopicManageAction.java in a GetType function, which lets a remote malicious user…
CVE-2021-43101 — CVSS 7.2 (high): A File Upload vulnerability exists in bbs 5.3 is via MembershipCardManageAction.java in a GetType function, which lets a remote malicious…
CVE-2021-43102 — CVSS 7.2 (high): A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function, which lets a remote malicious user…
CVE-2021-43103 — CVSS 7.2 (high): A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function, which lets a remote malicious user…
CVE-2025-6453 — CVSS 6.3 (medium): A vulnerability classified as critical has been found in diyhi bbs 6.8. Affected is the function Add of the file /src/main/java/cms/web/acti…
CVE-2025-6762 — CVSS 6.3 (medium): A vulnerability classified as critical has been found in diyhi bbs up to 6.8. This affects the function getUrl of the file /admin/login of…
CVE-2021-43099 — CVSS 4.9 (medium): An Archive Extraction (AKA "Zip Slip) vulnerability exists in bbs 5.3 in the UpgradeNow function in UpgradeManageAction.java, which unzips…
CVE-2025-9461 — CVSS 4.3 (medium): A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/…