2 matches found
SQL Injection Vulnerability in YCCMS v3.3
YCCMS is a PHP version of a lightweight CMS builder. YCCMS v3.3 suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
Arbitrary Password Reset Vulnerability in YCCMS V3.3
YCCMS is a version of PHP5 + MYSQL as the technical basis for the development of lightweight CMS station-building system. YCCMS V3.3 has an arbitrary password reset vulnerability. The vulnerability is due to the background change the administrator user password failed to verify the original...