Browse all 6 CVE security advisories affecting codelyfe. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Codelyfe develops software development tools and platforms, primarily focusing on code collaboration and project management solutions. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with six CVEs documented to date. Security assessments indicate that input validation flaws and improper access controls have been recurring issues in their web applications. While no major public security incidents have been reported, the consistent pattern of vulnerabilities suggests potential weaknesses in secure coding practices and security testing protocols within their development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-3202 | codelyfe Stupid Simple CMS Login Page excessive authentication — Stupid Simple CMSCWE-307 | 3.7 | Low | 2024-04-02 |
| CVE-2023-7041 | codelyfe Stupid Simple CMS rename.php path traversal — Stupid Simple CMSCWE-24 | 5.4 | Medium | 2023-12-21 |
| CVE-2023-7040 | codelyfe Stupid Simple CMS rename.php path traversal — Stupid Simple CMSCWE-24 | 4.3 | Medium | 2023-12-21 |
| CVE-2023-6907 | codelyfe Stupid Simple CMS Deletion Interface delete.php improper authentication — Stupid Simple CMSCWE-287 | 5.4 | Medium | 2023-12-18 |
| CVE-2023-6902 | codelyfe Stupid Simple CMS upload.php unrestricted upload — Stupid Simple CMSCWE-434 | 5.5 | Medium | 2023-12-17 |
| CVE-2023-6901 | codelyfe Stupid Simple CMS HTTP POST Request handle-command.php os command injection — Stupid Simple CMSCWE-78 | 7.3 | High | 2023-12-17 |
This page lists every published CVE security advisory associated with codelyfe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.