Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

givanz — Vulnerabilities & Security Advisories 28

Browse all 28 CVE security advisories affecting givanz. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Givanz operates as a provider of enterprise security solutions, primarily focusing on email security and data loss prevention services for organizations seeking to mitigate communication-based threats. Historical vulnerability assessments reveal a pattern of critical flaws, including remote code execution and cross-site scripting, which have frequently allowed attackers to bypass authentication mechanisms or inject malicious scripts into administrative interfaces. These weaknesses often stemmed from insufficient input validation and improper access controls within the platform’s web application layer. While specific major public incidents remain limited in detailed reporting, the accumulation of twenty-one Common Vulnerabilities and Exposures highlights persistent challenges in maintaining robust security hygiene. The recurring nature of these issues suggests that legacy codebases or rapid feature deployment cycles may have occasionally outpaced rigorous security testing protocols, necessitating continuous patching and configuration reviews to protect user data integrity.

Top products by givanz: Vvveb Vvvebjs
CVE IDTitleCVSSSeverityPublished
CVE-2026-41928 Vvveb < 1.0.8.2 Information Disclosure via Cron Controller — VvvebCWE-497 5.3 Medium2026-05-07
CVE-2026-41929 Vvveb < 1.0.8.2 Unauthenticated Reflected XSS via Visual Editor — VvvebCWE-79 6.1 Medium2026-05-07
CVE-2026-41938 Vvveb < 1.0.8.2 RCE via Media Upload Handler — VvvebCWE-434 8.8 High2026-05-06
CVE-2026-41930 Vvveb < 1.0.8.2 Hard-coded Credentials Information Disclosure via phpMyAdmin — VvvebCWE-306 9.8 Critical2026-05-06
CVE-2026-41931 Vvveb < 1.0.8.2 Information Disclosure via Debug Exception Handler — VvvebCWE-1188 5.3 Medium2026-05-06
CVE-2026-41934 Vvveb < 1.0.8.2 Authenticated RCE via Code Editor — VvvebCWE-184 8.8 High2026-05-06
CVE-2026-41936 Vvveb < 1.0.8.2 XML External Entity Injection via Import — VvvebCWE-611 8.1 High2026-05-06
CVE-2026-39918 Vvveb < 1.0.8.1 Code Injection via Installation Endpoint — VvvebCWE-94 9.8 Critical2026-04-20
CVE-2026-34428 Vvveb < 1.0.8.1 SSRF via oEmbedProxy — VvvebCWE-918 7.7 High2026-04-20
CVE-2026-34427 Vvveb < 1.0.8.1 Privilege Escalation via admin/user/save — VvvebCWE-915 8.8 High2026-04-20
CVE-2026-34429 Vvveb < 1.0.8.1 Stored XSS via Media Upload and Rename — VvvebCWE-79 5.4 Medium2026-04-20
CVE-2026-5615 givanz Vvvebjs File Upload Endpoint upload.php cross site scripting — VvvebjsCWE-79 4.3 Medium2026-04-06
CVE-2025-12203 givanz Vvveb Code Editor functions.php sanitizeFileName path traversal — VvvebCWE-22 6.3 Medium2025-10-27
CVE-2025-11944 givanz Vvveb Raw SQL import.php import sql injection — VvvebCWE-89 4.7 Medium2025-10-19
CVE-2025-11029 givanz Vvveb cross-site request forgery — VvvebCWE-352 4.3 Medium2025-09-26
CVE-2025-11028 givanz Vvveb Image information disclosure — VvvebCWE-200 5.3 Medium2025-09-26
CVE-2025-11027 givanz Vvveb SVG File cross site scripting — VvvebCWE-79 2.4 Low2025-09-26
CVE-2025-11026 givanz Vvveb Configuration File information disclosure — VvvebCWE-200 3.5 Low2025-09-26
CVE-2025-9728 givanz Vvveb login.tpl cross site scripting — VvvebCWE-79 4.3 Medium2025-08-31
CVE-2025-9397 givanz Vvveb media.php unrestricted upload — VvvebCWE-434 6.3 Medium2025-08-24
CVE-2025-8976 givanz Vvveb Endpoint post cross site scripting — VvvebCWE-79 3.5 Low2025-08-14
CVE-2025-8975 givanz Vvveb edit.tpl cross site scripting — VvvebCWE-79 3.5 Low2025-08-14
CVE-2025-8522 givanz Vvvebjs node.js save.php path traversal — VvvebjsCWE-22 5.0 Medium2025-08-04
CVE-2025-8521 givanz Vvveb Add Type post-types cross site scripting — VvvebCWE-79 2.4 Low2025-08-04
CVE-2025-8520 givanz Vvveb Drag-and-Drop Editor editor server-side request forgery — VvvebCWE-918 4.7 Medium2025-08-04
CVE-2025-8519 givanz Vvveb Drag-and-Drop Editor editor information disclosure — VvvebCWE-200 2.7 Low2025-08-04
CVE-2025-8518 givanz Vvveb Code Editor code.php save code injection — VvvebCWE-94 4.7 Medium2025-08-04
CVE-2025-8517 givanz Vvveb session fixiation — VvvebCWE-384 6.3 Medium2025-08-04

This page lists every published CVE security advisory associated with givanz. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.