Exploit for Code Injection in Craftcms Craft_Cms

CVE-Public - Vulnerability Proof-of-Concept Script Library...

EUVD-2026-10246

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

CVE-2026-3743

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

CVE-2026-3741

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/DfriendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

CVE-2026-3742

A vulnerability was detected in YiFang CMS 2.0.5. The impacted element is the function update of the file app/db/admin/DsinglePage.php. Performing a manipulation of the argument Title results in cross site scripting. It is possible to initiate the attack remotely. The exploit is now public and ma...

CVE-2026-3743

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

CVE-2026-3742

A vulnerability was detected in YiFang CMS 2.0.5. The impacted element is the function update of the file app/db/admin/DsinglePage.php. Performing a manipulation of the argument Title results in cross site scripting. It is possible to initiate the attack remotely. The exploit is now public and ma...

CVE-2026-3743

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

CVE-2026-3743 YiFang CMS D_singlePageGroup.php update cross site scripting

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

CVE-2026-3743 YiFang CMS D_singlePageGroup.php update cross site scripting

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

CVE-2026-3743

YiFang CMS 2.0.5 contains an XSS flaw in the update path for file app/db/admin/D_singlePageGroup.php. Manipulating the Name argument enables cross-site scripting, and the attack can be launched remotely. Public exploit and details exist; vendor was contacted but did not respond. No remediation de...

CVE-2026-3742

A vulnerability was detected in YiFang CMS 2.0.5. The impacted element is the function update of the file app/db/admin/DsinglePage.php. Performing a manipulation of the argument Title results in cross site scripting. It is possible to initiate the attack remotely. The exploit is now public and ma...

CVE-2026-3742 YiFang CMS D_singlePage.php update cross site scripting

A vulnerability was detected in YiFang CMS 2.0.5. The impacted element is the function update of the file app/db/admin/DsinglePage.php. Performing a manipulation of the argument Title results in cross site scripting. It is possible to initiate the attack remotely. The exploit is now public and ma...

CVE-2026-3741 YiFang CMS D_friendLink.php update cross site scripting

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/DfriendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

CVE-2026-3741 YiFang CMS D_friendLink.php update cross site scripting

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/DfriendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

CVE-2026-3741

YiFang CMS 2.0.5 is affected by CVE-2026-3741 due to a vulnerability in the update function of app/db/admin/D_friendLink.php where manipulation of the linkName parameter enables cross-site scripting. The vulnerability can be exploited remotely and the exploit has been publicly disclosed. No remed...

PT-2026-23949

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/D singlePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

Yifang CMS 代码注入漏洞

Yifang CMS is a PHP enterprise website development and management system provided by Yifang Corporation. Version 2.0.5 of Yifang CMS has a code injection vulnerability. This vulnerability stems from the handling of the parameter “Name” in the file “singlePageGroup.php”, which may lead to cross-si...

PT-2026-23947

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/D friendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

Yifang CMS 代码注入漏洞

Yifang CMS is a PHP enterprise website development and management system provided by Yifang Corporation. Version 2.0.5 of Yifang CMS has a code injection vulnerability, which stems from the handling of the Title parameter in the singlePage.php file. This vulnerability may lead to cross-site...