Browse all 3 CVE security advisories affecting URVE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
URVE is a web application framework primarily used for building dynamic content management systems. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with three CVEs documented to date. The framework's security posture has been characterized by insufficient input validation and inadequate access controls in previous versions. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in earlier releases suggests a need for rigorous security testing when implementing URVE-based solutions. Current versions have addressed some concerns, but developers should remain vigilant about potential misconfigurations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-2420 | URVE Web Manager uploader.php unrestricted upload — Web ManagerCWE-434 | 8.0 | High | 2022-07-15 |
| CVE-2022-2419 | URVE Web Manager upload.php unrestricted upload — Web ManagerCWE-434 | 8.0 | High | 2022-07-15 |
| CVE-2022-2418 | URVE Web Manager img_upload.php unrestricted upload — Web ManagerCWE-434 | 8.0 | High | 2022-07-15 |
This page lists every published CVE security advisory associated with URVE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.