Filtered by vendor Yccms
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-20290 | 1 Yccms | 1 Yccms | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability. | |||||
| CVE-2020-20289 | 1 Yccms | 1 Yccms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Sql injection vulnerability in the yccms 3.3 project. The no_top function's improper judgment of the request parameters, triggers a sql injection vulnerability. | |||||
| CVE-2020-20287 | 1 Yccms | 1 Yccms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution. | |||||