CVE-2023-25402 — CVSS 7.5 (high): CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any…
CVE-2023-25403 — CVSS 7.5 (high): CleverStupidDog yf-exam v 1.8.0 is vulnerable to Authentication Bypass. The program uses a fixed JWT key, and the stored key uses username…