PT-2024-38270 · Unknown · Youdiancms

Name of the Vulnerable Software and Affected Versions: YouDianCMS version 7 Description: A problematic issue has been found in the processing of the file "/t.php?action=phpinfo", leading to information disclosure. The attack can be initiated remotely. The vendor was contacted about this disclosur...

CVE-2022-32301

YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the IdList parameter at /App/Lib/Action/Home/ApiAction.class.php...

PT-2022-21218 · Unknown · Youdiancms

Name of the Vulnerable Software and Affected Versions: YoudianCMS version 9.5.0 Description: A SQL injection issue was discovered via the IdList parameter at the "/App/Lib/Action/Home/ApiAction.class.php" endpoint. This allows for potential exploitation. No information is provided about the...

SQL injection vulnerability in youdiancms (CNVD-2021-51406)

YouDianCMS enterprise website management system YouDianCMS set computer station, mobile station, micro letter, APP, small program in one, shared space, data synchronization, is the domestic five-station excellent enterprise station solutions. youdiancms has SQL injection vulnerability, attackers...

YouDianCMS suffers from XML entity injection vulnerability (CNVD-2020-15540)

YouDianCMS is an enterprise website management system developed by Changsha YouDian Software Technology Co. YouDianCMS suffers from an XML entity injection vulnerability. An attacker can exploit the vulnerability to read arbitrary files, execute system commands, and probe intranet ports...