CVE-2025-10211
- EPSS 0.04%
- Published 10.09.2025 20:15:33
- Last modified 15.09.2025 14:53:01
A security vulnerability has been detected in yanyutao0402 ChanCMS 3.3.0. The affected element is the function CollectController of the file /cms/collect/getArticle. The manipulation of the argument taskUrl leads to server-side request forgery. The a...
CVE-2025-10210
- EPSS 0.03%
- Published 10.09.2025 19:02:06
- Last modified 15.09.2025 14:53:19
A weakness has been identified in yanyutao0402 ChanCMS up to 3.3.0. Impacted is the function Search of the file app/modules/api/service/Api.js. Executing manipulation of the argument key can lead to sql injection. The attack can be launched remotely....
CVE-2025-10106
- EPSS 0.03%
- Published 08.09.2025 21:32:05
- Last modified 10.09.2025 18:06:28
A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.1. This affects an unknown part of the file /cms/collect/search. Such manipulation of the argument keyword leads to sql injection. The attack can be launched remotely. The exploit has b...
CVE-2025-10105
- EPSS 0.03%
- Published 08.09.2025 20:32:07
- Last modified 10.09.2025 18:05:59
A flaw has been found in yanyutao0402 ChanCMS up to 3.3.1. Affected by this issue is some unknown functionality of the file /cms/article/search. This manipulation of the argument keyword causes sql injection. The attack can be initiated remotely. The...