Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

17 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-13074

Malware in sbrugna...

9.8CVSS9.4AI score0.02827EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-13077

Malware in sbrugna...

7.5CVSS7.6AI score0.0133EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/05/22 5:5 p.m.5 views

CVE-2020-20289

Sql injection vulnerability in the yccms 3.3 project. The notop function's improper judgment of the request parameters, triggers a sql injection vulnerability...

9.8CVSS7.2AI score0.01133EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/05/22 3:18 p.m.8 views

CVE-2020-20287

Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution...

9.8CVSS7.6AI score0.02827EPSS
Exploits1
NVD
NVDadded 2021/02/01 6:15 p.m.10 views

CVE-2020-20290

Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability...

7.5CVSS7.6AI score0.0133EPSS
Exploits1References1
OSV
OSVadded 2021/02/01 6:15 p.m.1 views

CVE-2020-20289

Sql injection vulnerability in the yccms 3.3 project. The notop function's improper judgment of the request parameters, triggers a sql injection vulnerability...

9.8CVSS7.3AI score0.01133EPSS
Exploits1References2
NVD
NVDadded 2021/02/01 6:15 p.m.11 views

CVE-2020-20287

Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution...

9.8CVSS9.9AI score0.02827EPSS
Exploits1References2
Prion
Prionadded 2021/02/01 6:15 p.m.17 views

Unrestricted file upload

Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution...

7.5CVSS9.7AI score0.02827EPSS
Exploits1References2Affected Software1
Prion
Prionadded 2021/02/01 6:15 p.m.21 views

Sql injection

Sql injection vulnerability in the yccms 3.3 project. The notop function's improper judgment of the request parameters, triggers a sql injection vulnerability...

7.5CVSS9.4AI score0.01133EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2021/02/01 5:38 p.m.46 views

CVE-2020-20287

CVE-2020-20287 affects the yccms 3.3 project, with an unrestricted file upload vulnerability in the internal xhUp function caused by its improper judgment of request parameters. This can lead to remote code execution. Exploitation details are not fully provided in the initial documents, but multi...

9.8CVSS9.8AI score0.02827EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2021/02/01 5:38 p.m.14 views

CVE-2020-20287

Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code execution...

9.9AI score0.02827EPSS
Exploits1References2
CVE
CVEadded 2021/02/01 5:38 p.m.49 views

CVE-2020-20289

CVE-2020-20289 affects yccms version 3.3, with the vulnerability in the no_top (no top) function where improper judgment of request parameters enables SQL injection. This is documented in PT-2021-10472, which describes how the issue arises from parameter handling and suggests a temporary workarou...

9.8CVSS9.5AI score0.01133EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2021/02/01 5:38 p.m.15 views

CVE-2020-20289

Sql injection vulnerability in the yccms 3.3 project. The notop function's improper judgment of the request parameters, triggers a sql injection vulnerability...

9.6AI score0.01133EPSS
Exploits1References2
CVE
CVEadded 2021/02/01 5:38 p.m.45 views

CVE-2020-20290

CVE-2020-20290 affects YCCMS 3.3. The issue is a directory traversal vulnerability caused by improper judgment of request parameters in the delete, deletesite, and deleteAll functions. This can allow unauthorized access to filesystem paths via crafted requests. Multiple sources (NVD, Red Hat advi...

7.5CVSS7.5AI score0.0133EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2021/02/01 5:38 p.m.10 views

CVE-2020-20290

Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability...

7.6AI score0.0133EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2021/02/01 12:0 a.m.3 views

PT-2021-10471 · Yccms · Yccms

Name of the Vulnerable Software and Affected Versions: yccms version 3.3 Description: The issue is related to an unrestricted file upload vulnerability. It is caused by the xhUp function's improper judgment of the request parameters, which can trigger remote code execution. Recommendations: For...

9.8CVSS9.7AI score0.02827EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2021/02/01 12:0 a.m.4 views

PT-2021-10472 · Yccms · Yccms

Name of the Vulnerable Software and Affected Versions: yccms version 3.3 Description: The issue arises from the no top function's improper judgment of the request parameters, leading to a sql injection vulnerability. This allows for potential exploitation by manipulating request parameters...

9.8CVSS9.7AI score0.01133EPSS
Exploits1References5
Rows per page
Query Builder