Lucene search
K

4 matches found

NVD
NVD
added 2026/03/08 3:15 p.m.7 views

CVE-2026-3743

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

5.4CVSS0.00196EPSS
Exploits1References4
OSV
OSV
added 2026/03/08 3:15 p.m.4 views

CVE-2026-3743

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

5.4CVSS4.1AI score0.00196EPSS
Exploits1References4
CVE
CVE
added 2026/02/22 8:2 a.m.18 views

CVE-2026-2934

YiFang CMS (up to 2.0.5) is affected in the Extended Management Module by a vulnerability in the update function of file app/db/admin/D_friendLinkGroup.php. The issue arises from manipulation of the Name parameter, enabling cross site scripting (XSS). Attacks can be initiated remotely, and public...

4.8CVSS3.4AI score0.00257EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/22 7:32 a.m.28 views

CVE-2026-2932 YiFang CMS Extended Management D_adPosition.php update cross site scripting

A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/DadPosition.php of the component Extended Management Module. Performing a manipulation of the argument name/index results in cross site scripting. The attack is...

4.8CVSS0.00218EPSS
Exploits1References6
Rows per page
Query Builder