ReportizFlow
Filtered by vendor Yccms
Subscriptions
Filtered by product Yccms
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-20290 | 1 Yccms | 1 Yccms | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability. | ||||
| CVE-2020-20289 | 1 Yccms | 1 Yccms | 2024-11-21 | 9.8 Critical |
| Sql injection vulnerability in the yccms 3.3 project. The no_top function's improper judgment of the request parameters, triggers a sql injection vulnerability. | ||||
| CVE-2020-20287 | 1 Yccms | 1 Yccms | 2024-11-21 | 9.8 Critical |
| Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution. | ||||
Page 1 of 1.