2 matches found
CVE-2026-3741
A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/DfriendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...
GHSA-R2WJ-MXVH-WQFH Cross-Site Request Forgery in JFinalCMS via the component /admin/friend_link/save
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /admin/friendlink/save...