CVE-2024-7330

A vulnerability has been found in YouDianCMS 7 and classified as critical. Affected by this vulnerability is the function curlexec of the file /App/Core/Extend/Function/ydLib.php. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The...

CVE-2024-7329

A vulnerability, which was classified as critical, was found in YouDianCMS 7. Affected is an unknown function of the file /Public/ckeditor/plugins/multiimage/dialogs/imageupload.php. The manipulation of the argument files leads to unrestricted upload. It is possible to launch the attack remotely...

CVE-2024-7328

A vulnerability, which was classified as problematic, has been found in YouDianCMS 7. This issue affects some unknown processing of the file /t.php?action=phpinfo. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public...

CVE-2024-7329

YouDianCMS 7 contains a critical issue in an unknown function of /Public/ckeditor/plugins/multiimage/dialogs/image_upload.php where manipulating the files parameter leads to unrestricted uploads. A remote attacker can exploit this; multiple sources note that exploits have been disclosed publicly....

CVE-2024-7328 YouDianCMS information disclosure

A vulnerability, which was classified as problematic, has been found in YouDianCMS 7. This issue affects some unknown processing of the file /t.php?action=phpinfo. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public...