59 matches found
YCCMS file upload vulnerability
Yccms is a Php-based lightweight CMS builder from the Yccms team. yccms 3.3 has a file upload vulnerability, which stems from an error in the xhUp function's determination of request parameters and can be exploited by attackers to cause remote code execution...
YCCMS path traversal vulnerability
YCCMS is a Php-based lightweight CMS builder from the Yccms team. YCCMS 3.3 has a path traversal vulnerability, which stems from an error in the judgment of request parameters by the delete, deletesite, and deleteAll functions. No detailed vulnerability details are available...
CVE-2020-20290
Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability...
CVE-2020-20290
Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability...
CVE-2020-20287
Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution...
CVE-2020-20287
Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution...
CVE-2020-20289
Sql injection vulnerability in the yccms 3.3 project. The notop function's improper judgment of the request parameters, triggers a sql injection vulnerability...
CVE-2020-20289
Sql injection vulnerability in the yccms 3.3 project. The notop function's improper judgment of the request parameters, triggers a sql injection vulnerability...
Unrestricted file upload
Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution...
Sql injection
Sql injection vulnerability in the yccms 3.3 project. The notop function's improper judgment of the request parameters, triggers a sql injection vulnerability...
CVE-2020-20287
CVE-2020-20287 affects the yccms 3.3 project, with an unrestricted file upload vulnerability in the internal xhUp function caused by its improper judgment of request parameters. This can lead to remote code execution. Exploitation details are not fully provided in the initial documents, but multi...
CVE-2020-20287
Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution...
CVE-2020-20289
Sql injection vulnerability in the yccms 3.3 project. The notop function's improper judgment of the request parameters, triggers a sql injection vulnerability...
CVE-2020-20289
CVE-2020-20289 affects yccms version 3.3, with the vulnerability in the no_top (no top) function where improper judgment of request parameters enables SQL injection. This is documented in PT-2021-10472, which describes how the issue arises from parameter handling and suggests a temporary workarou...
CVE-2020-20290
Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability...
CVE-2020-20290
CVE-2020-20290 affects YCCMS 3.3. The issue is a directory traversal vulnerability caused by improper judgment of request parameters in the delete, deletesite, and deleteAll functions. This can allow unauthorized access to filesystem paths via crafted requests. Multiple sources (NVD, Red Hat advi...
PT-2021-10472 · Yccms · Yccms
Name of the Vulnerable Software and Affected Versions: yccms version 3.3 Description: The issue arises from the no top function's improper judgment of the request parameters, leading to a sql injection vulnerability. This allows for potential exploitation by manipulating request parameters...
yccms project 路径遍历漏洞
YCCMS is a Php-based lightweight CMS builder from the Yccms team. YCCMS 3.3 has a path traversal vulnerability, which stems from an error in the judgment of request parameters by the delete, deletesite, and deleteAll functions. No detailed vulnerability details are available...
yccms 代码问题漏洞
Yccms is a Php-based lightweight CMS builder from the Yccms team. yccms 3.3 has a file upload vulnerability, which stems from an error in the xhUp function's determination of request parameters and can be exploited by attackers to cause remote code execution...
PT-2021-10471 · Yccms · Yccms
Name of the Vulnerable Software and Affected Versions: yccms version 3.3 Description: The issue is related to an unrestricted file upload vulnerability. It is caused by the xhUp function's improper judgment of the request parameters, which can trigger remote code execution. Recommendations: For...