YznCMS 安全漏洞

YznCMS is a backend development framework. A cross-site scripting vulnerability exists in YznCMS version 1.4.2, which stems from the lack of effective filtering and escaping of user-supplied data in the component /index/index.html, and can be exploited by an attacker to execute arbitrary Web scri...

YznCMS Cross-Site Scripting Vulnerability

YznCMS is a backend development framework by Otaku Studio. A cross-site scripting vulnerability exists in YZNCMS v1.3.0, which originates from a stored cross-site scripting XSS vulnerability in the cms/content/edit component that allows an attacker to execute arbitrary web script or HTML by...

CVE-2023-37131

A Cross-Site Request Forgery CSRF in the component /public/admin/profile/update.html of YznCMS v1.1.0 allows attackers to arbitrarily change the Administrator password via a crafted POST request...

CVE-2023-37131

A Cross-Site Request Forgery CSRF in the component /public/admin/profile/update.html of YznCMS v1.1.0 allows attackers to arbitrarily change the Administrator password via a crafted POST request...

YznCMS 跨站请求伪造漏洞

YznCMS is a backend development framework. A cross-site request forgery vulnerability exists in YznCMS v1.1.0, which stems from insufficiently verifying that a request comes from a trusted user in /public/admin/profile/update.html. An attacker could exploit this vulnerability by constructing a PO...

File upload vulnerability in yzncms system

YznCMS also known as Otaku Male cms is a completely open source project , based on ThinkPHP5.1.X latest version , the framework is easy to expand the functionality , code maintenance , to facilitate the secondary development To help developers simply and efficiently reduce the cost of the seconda...

File Upload Vulnerability in YznCMS

YznCMS aka Otaku CMS is a CMS content management system based on the latest TP5.1 framework. A file upload vulnerability exists in YznCMS, which can be exploited by attackers to gain control of the web server...