3 matches found
CVE-2024-7330
A vulnerability has been found in YouDianCMS 7 and classified as critical. Affected by this vulnerability is the function curlexec of the file /App/Core/Extend/Function/ydLib.php. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The...
PT-2024-38271 · Ckeditor +1 · Ckeditor +1
Name of the Vulnerable Software and Affected Versions: YouDianCMS version 7 Description: A critical issue was found in an unknown function of the file /Public/ckeditor/plugins/multiimage/dialogs/image upload.php. The manipulation of the files argument leads to unrestricted upload. It is possible ...
PT-2024-38272 · Unknown · Youdiancms
Name of the Vulnerable Software and Affected Versions: YouDianCMS version 7 Description: A critical issue has been found, affecting the curl exec function in the file /App/Core/Extend/Function/ydLib.php. The manipulation of the url argument leads to server-side request forgery. This issue can be...