Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2024-0303
- EPSS 0.16%
- Veröffentlicht 08.01.2024 08:15:36
- Zuletzt bearbeitet 21.11.2024 08:46:16
A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. Affected is an unknown function of the file /app/api/controller/caiji.php of the component Parameter Handler. The manipulation of the argument url leads to server-s...
9.8
CVE-2024-0304
- EPSS 0.16%
- Veröffentlicht 08.01.2024 08:15:36
- Zuletzt bearbeitet 21.11.2024 08:46:17
A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulation of the argument url leads to server-side reque...
8.8
CVE-2018-18215
- EPSS 0.15%
- Veröffentlicht 11.10.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:33
In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account.
9.8
CVE-2018-18242
- EPSS 0.26%
- Veröffentlicht 11.10.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:34
youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated by username=admin&pass=123456&code=9823&act=login&submit=%E7%99%BB+%E9%99%86.
1