CVE-2025-64048

YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...

CVE-2025-64048

YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...

CVE-2025-64048

YCCMS 3.4 contains a stored cross-site scripting XSS vulnerability in the article management functionality. The vulnerability exists in the add and getPost functions within the ArticleAction.class.php file due to improper neutralization of user input in the article title field...

CVE-2025-64048

Affected software/component: YCCMS 3.4, specifically the article management functionality in ArticleAction.class.php. Vulnerability: Stored cross-site scripting (XSS) in the article title input. The root cause is improper neutralization/validation of user-supplied data in the add() and getPost() ...

Yccms 安全漏洞

Yccms is a lightweight Php-based CMS builder by Yccms team. A security vulnerability exists in Yccms version 3.4, which stems from improper neutralization of article title field input by the add and getPost functions in the ArticleAction.class.php file, which could lead to a stored cross-site...

EUVD-2020-13074

Malware in sbrugna...

EUVD-2020-13077

Malware in sbrugna...

EUVD-2020-13076

Malware in sbrugna...

CVE-2020-20289

Sql injection vulnerability in the yccms 3.3 project. The notop function's improper judgment of the request parameters, triggers a sql injection vulnerability...

CVE-2020-20290

Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability...

CVE-2020-20287

Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution...

Logic Flaw Vulnerability in YCCMS

YCCMS is a PHP version of a lightweight CMS builder. YCCMS has a logic flaw vulnerability that can be exploited by attackers to delete system files...

YCCMS suffers from a file upload vulnerability (CNVD-2021-47137)

YCCMS is a PHP version of a lightweight CMS builder. YCCMS has a file upload vulnerability that can be exploited by attackers to gain server control privileges...

YCCMS suffers from a file upload vulnerability (CNVD-2021-46794)

YCCMS is a PHP version of a lightweight CMS builder. YCCMS has a file upload vulnerability that can be exploited by attackers to gain server control privileges...

YCCMS suffers from a file upload vulnerability (CNVD-2021-37964)

YCCMS is a PHP version of a lightweight CMS builder. YCCMS has a file upload vulnerability that can be exploited by attackers to gain control of the server...

YCCMS suffers from a file upload vulnerability (CNVD-2021-37963)

YCCMS is a PHP version of a lightweight CMS builder. YCCMS has a file upload vulnerability that can be exploited by attackers to gain control of the server...

Arbitrary file deletion vulnerability in YCCMS (CNVD-2021-37965)

YCCMS is a PHP version of a lightweight CMS builder. YCCMS has an arbitrary file deletion vulnerability that can be exploited by attackers to delete arbitrary files...

Command execution vulnerability in YCCMS (CNVD-2021-37966)

YCCMS is a PHP version of a lightweight CMS builder. YCCMS has a command execution vulnerability that can be exploited by attackers to gain control of the server...

Yccms Remote Code Execution (CVE-2020-20287)

A remote code execution vulnerability exists in Yccms. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

YCCMS file upload vulnerability

Yccms is a Php-based lightweight CMS builder from the Yccms team. yccms 3.3 has a file upload vulnerability, which stems from an error in the xhUp function's determination of request parameters and can be exploited by attackers to cause remote code execution...