42 matches found

RedhatCVE
added 2026/03/09 7:54 p.m. · 3 views

CVE-2026-3741

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/DfriendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

CVSS 5.4 · AI score 4.2 · EPSS 0.00196
Exploits: 1 · References: 1

OSV
added 2026/03/08 3:15 p.m. · 2 views

CVE-2026-3741

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/DfriendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

CVSS 5.4 · AI score 4 · EPSS 0.00196
Exploits: 1 · References: 4

CVE
added 2026/03/08 2:32 p.m. · 12 views

CVE-2026-3741

YiFang CMS 2.0.5 is affected by CVE-2026-3741 due to a vulnerability in the update function of app/db/admin/D_friendLink.php where manipulation of the linkName parameter enables cross-site scripting. The vulnerability can be exploited remotely and the exploit has been publicly disclosed. No remed...

CVSS 5.4 · AI score 4.2 · EPSS 0.00196
Exploits: 1 · References: 4 · Affected Software: 1

CNNVD
added 2026/03/08 12:0 a.m. · 3 views

Yifang CMS code injection vulnerability

Yifang CMS is a PHP enterprise website development and management system provided by Yifang Corporation. Version 2.0.5 of Yifang CMS has a code injection vulnerability. This vulnerability stems from the handling of the parameter linkName in the file DfriendLink.php, which may lead to cross-site...

CVSS 5.4 · AI score 5.7 · EPSS 0.00196
Exploits: 1 · References: 5

Positive Technologies
added 2026/03/08 12:0 a.m. · 4 views

PT-2026-23947

A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/D friendLink.php. Such manipulation of the argument linkName leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

CVSS 5.1 · AI score 4.2 · EPSS 0.00196
Exploits: 1 · References: 5

RedhatCVE
added 2026/02/23 1:31 p.m. · 4 views

CVE-2026-2934

A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/DfriendLinkGroup.php of the component Extended Management Module. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the...

CVSS 4.8 · AI score 3 · EPSS 0.00257
Exploits: 1 · References: 1

NVD
added 2026/02/22 9:16 a.m. · 10 views

CVE-2026-2934

A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/DfriendLinkGroup.php of the component Extended Management Module. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the...

CVSS 4.8 · EPSS 0.00257
Exploits: 1 · References: 4

Cvelist
added 2026/02/22 8:2 a.m. · 27 views

CVE-2026-2934 YiFang CMS Extended Management D_friendLinkGroup.php update cross site scripting

A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/DfriendLinkGroup.php of the component Extended Management Module. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the...

CVSS 4.8 · EPSS 0.00257
Exploits: 1 · References: 4

CVE
added 2026/02/22 8:2 a.m. · 14 views

CVE-2026-2934

YiFang CMS (up to 2.0.5) is affected in the Extended Management Module by a vulnerability in the update function of file app/db/admin/D_friendLinkGroup.php. The issue arises from manipulation of the Name parameter, enabling cross site scripting (XSS). Attacks can be initiated remotely, and public...

CVSS 4.8 · AI score 3.4 · EPSS 0.00257
Exploits: 1 · References: 4 · Affected Software: 1

RedhatCVE
added 2026/01/09 12:36 p.m. · 3 views

CVE-2023-49375

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friendlink/update...

CVSS 8.8 · AI score 7.3 · EPSS 0.00391
Exploits: 1 · References: 1

CNNVD
added 2025/09/22 12:0 a.m. · 3 views

MuYuCMS security vulnerability

MuYuCMS is a lightweight open source content management system open-sourced by MuYuCMS. A security vulnerability exists in MuYuCMS 2.7 and earlier versions, which stems from the incorrect manipulation of the parameter Link URL of the component Add Fiend Link Handler in the file /index/index.html,...

CVSS 6.5 · AI score 6.3 · EPSS 0.00239
Exploits: 0 · References: 4

RedhatCVE
added 2025/05/29 5:11 a.m. · 4 views

CVE-2025-45475

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) in Friend Link Management...

CVSS 5.4 · AI score 7 · EPSS 0.00283
Exploits: 1 · References: 1

OSV
added 2025/05/27 6:15 p.m. · 2 views

CVE-2025-45475

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) in Friend Link Management...

CVSS 5.4 · AI score 5.8
Exploits: 0 · References: 1

NVD
added 2025/05/27 6:15 p.m. · 8 views

CVE-2025-45475

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) in Friend Link Management...

CVSS 5.4 · EPSS 0.00283
Exploits: 1 · References: 1

CNNVD
added 2025/05/27 12:0 a.m. · 3 views

maccms10 security vulnerability

maccms10 is a complete and powerful rapid website building system, open-sourced by magicblack, that runs in a PHP + MySQL environment. A security vulnerability exists in maccms10 version v2025.1000.4047, which stems from the fact that the friend link management function is vulnerable to...

CVSS 5.4 · AI score 6.8 · EPSS 0.00283
Exploits: 1 · References: 1

Positive Technologies
added 2025/05/27 12:0 a.m. · 4 views

PT-2025-23019 · Maccms10 · Maccms10

Name of the Vulnerable Software and Affected Versions: maccms10 version 2025.1000.4047. Description: The issue is related to Server-Side Request Forgery (SSRF) in Friend Link Management. This allows an attacker to trick the server into making unintended requests. Recommendations: For version...

CVSS 5.4 · AI score 6.2 · EPSS 0.00283
Exploits: 1 · References: 6

Cvelist
added 2025/05/27 12:0 a.m. · 9 views

CVE-2025-45475

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) in Friend Link Management...

EPSS 0.00283
Exploits: 1 · References: 1

CVE
added 2025/05/27 12:0 a.m. · 42 views

CVE-2025-45475

CVE-2025-45475 affects maccms10 v2025.1000.4047 with Server-Side Request Forgery (SSRF) in the Friend Link Management feature. The public records in the provided documents identify the affected product and component (Friend Link Management) and the underlying issue as SSRF, but do not disclose sp...

CVSS 5.4 · AI score 6.9 · EPSS 0.00283
Exploits: 1 · References: 1 · Affected Software: 1

Vulnrichment
added 2025/05/27 12:0 a.m. · 5 views

CVE-2025-45475

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) in Friend Link Management...

AI score 5.5 · EPSS 0.00283
Exploits: 1 · References: 1

RedhatCVE
added 2025/04/02 5:38 p.m. · 16 views

CVE-2025-3005

A vulnerability was found in Sayski ForestBlog up to 20250321 and classified as problematic. Affected by this issue is some unknown functionality of the component Friend Link Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclos...

CVSS 5.4 · AI score 6.5 · EPSS 0.00292
Exploits: 1 · References: 1