Every CVE whose affected-product data names Lylme Lylme Spage, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2023-45951 — CVSS 9.8 (critical): lylme_spage v1.7.0 was discovered to contain a SQL injection vulnerability via the $userip parameter at function.php.
CVE-2023-45952 — CVSS 9.8 (critical): An arbitrary file upload vulnerability in the component ajax_link.php of lylme_spage v1.7.0 allows attackers to execute arbitrary code via…
CVE-2024-34982 — CVSS 9.8 (critical): An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attackers to execute arbitrary code…
CVE-2024-48176 — CVSS 9.8 (critical): Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code…
CVE-2025-4543 — CVSS 7.3 (high): A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file…
CVE-2024-9790 — CVSS 4.7 (medium): A vulnerability was found in LyLme_spage 1.9.5. It has been classified as critical. Affected is an unknown function of the file…
CVE-2024-9788 — CVSS 4.7 (medium): A vulnerability has been found in LyLme_spage 1.9.5 and classified as critical. This vulnerability affects unknown code of the file…
CVE-2024-9789 — CVSS 4.7 (medium): A vulnerability was found in LyLme_spage 1.9.5 and classified as critical. This issue affects some unknown processing of the file…