Yccms

Yccms

3 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-20290

Exploit
  • EPSS 0.46%
  • Published 01.02.2021 18:15:13
  • Last modified 21.11.2024 05:12:00

Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability.

9.8

CVE-2020-20287

Exploit
  • EPSS 2.99%
  • Published 01.02.2021 18:15:12
  • Last modified 21.11.2024 05:11:59

Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution.

9.8

CVE-2020-20289

Exploit
  • EPSS 0.5%
  • Published 01.02.2021 18:15:12
  • Last modified 21.11.2024 05:12:00

Sql injection vulnerability in the yccms 3.3 project. The no_top function's improper judgment of the request parameters, triggers a sql injection vulnerability.