Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2025/02/04 11:3 p.m.5 views

CVE-2024-0648

A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This vulnerability affects unknown code of the file /app/index/controller/Common.php. The manipulation of the argument templateFile leads to unrestricted upload. The attack can be initiated remotely. The exploit...

9.8CVSS7.5AI score0.0067EPSS
Exploits0References1
nvd
nvd
added 2024/01/17 11:15 p.m.16 views

CVE-2024-0648

A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This vulnerability affects unknown code of the file /app/index/controller/Common.php. The manipulation of the argument templateFile leads to unrestricted upload. The attack can be initiated remotely. The exploit...

9.8CVSS8AI score0.0067EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/01/17 12:0 a.m.12 views

YUNUCMS Code Issues Vulnerabilities

YUNUCMS is a website CMS. YUNUCMS 2.2.6 and earlier versions have a code issue vulnerability, the vulnerability stems from the parameter templateFile in file /app/index/controller/Common.php has an arbitrary file upload vulnerability...

9.8CVSS7.3AI score0.0067EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/01/17 12:0 a.m.6 views

PT-2024-15715 · Unknown · Yunyou Cms

Name of the Vulnerable Software and Affected Versions: Yunyou CMS versions up to 2.2.6 Description: A critical vulnerability has been found in Yunyou CMS, affecting unknown code of the file /app/index/controller/Common.php. The manipulation of the templateFile argument leads to unrestricted uploa...

9.8CVSS7.4AI score0.0067EPSS
Exploits0References8
nvd
nvd
added 2011/12/14 12:55 a.m.24 views

CVE-2011-4810

Multiple directory traversal vulnerabilities in WHMCompleteSolution WHMCS 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to 1 submitticket.php and 2 downloads.php, and 3 the report parameter to admin/reports.php...

5CVSS6.9AI score0.07025EPSS
Exploits2References1
prion
prion
added 2011/12/14 12:55 a.m.20 views

Directory traversal

Directory traversal vulnerability in clientarea.php in WHMCompleteSolution WHMCS 3.x.x allows remote attackers to read arbitrary files via an invalid action and a ../ dot dot slash in the templatefile parameter...

5CVSS7.2AI score0.03287EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2011/12/14 12:0 a.m.25 views

CVE-2011-4813

Directory traversal vulnerability in clientarea.php in WHMCompleteSolution WHMCS 3.x.x allows remote attackers to read arbitrary files via an invalid action and a ../ dot dot slash in the templatefile parameter...

6.7AI score0.03287EPSS
Exploits0References1
Rows per page
Query Builder