Filtered by vendor Yccms
Subscriptions
Filtered by product Yccms
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-20290 | 1 Yccms | 1 Yccms | 2024-11-21 | 7.5 High |
Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability. | ||||
CVE-2020-20289 | 1 Yccms | 1 Yccms | 2024-11-21 | 9.8 Critical |
Sql injection vulnerability in the yccms 3.3 project. The no_top function's improper judgment of the request parameters, triggers a sql injection vulnerability. | ||||
CVE-2020-20287 | 1 Yccms | 1 Yccms | 2024-11-21 | 9.8 Critical |
Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution. |
Page 1 of 1.