3 Total advisories
3 Vulnerabilities
0 Malware
Vulnerabilities
HIGH 8.8
CVE-2026-43937
YAFNET: Pre-Handler Authorization Bypass on Admin Pages Enables Blind SQL Execution via `/Admin/RunSql`
HIGH 7.3
CVE-2026-43939
YAFNET has Stored XSS in Forum Thread Posts/Replies that Allows Arbitrary JavaScript Execution for All Thread Viewers
HIGH 8.1
CVE-2026-43938
YAFNET has Unauthenticated Stored Second-Order XSS in Admin Event Log via Reflected `User-Agent` Header
Ready to move
Start Securing
Free, no credit card | First findings in minutes