Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2018-7732
- EPSS 0.25%
- Published 06.03.2018 18:29:00
- Last modified 21.11.2024 04:12:37
An issue was discovered in YxtCMF 3.1. SQL Injection exists in ShitiController.class.php via the ids array parameter to exam/shiti/delshiti.html.
8.8
CVE-2018-7733
- EPSS 0.14%
- Published 06.03.2018 18:29:00
- Last modified 21.11.2024 04:12:37
An issue was discovered in YxtCMF 3.1. RbacController.class.php has CSRF, as demonstrated by modifying an administrator account via index.php/admin/user/add_post.html.
1