5 matches found
YXcms has a logic design flaw
Yxcms is an enterprise building system based on PHP and mysql technology. A logical design vulnerability exists in YXcms. The vulnerability is due to the failure of the program to strictly filter the parameters passed by the user, an attacker can exploit the vulnerability to delete arbitrary file...
File Upload Vulnerability in YXCMS V1.4.7 Backend
YXCMS is an efficient website management system built on PHP+MYSQL. A file upload vulnerability exists in the background of YXCMS V1.4.7. An attacker can exploit this vulnerability to upload Trojan horse files to gain control of the web server...
Logic Flaw Vulnerability in YXCMS
YXCMS is an efficient website management system built on PHP+MYSQL. A logic flaw vulnerability exists in YXCMS version 1.4.7, which can be exploited by attackers to perform unauthorized operations, such as modifying the price and quantity of products...
YXcmsApp V1.4.3 'uninstall()' Function Has Cross-Site Request Forgery Vulnerability
Yxcms is an enterprise building system based on PHP and mysql technology. A cross-site request forgery vulnerability exists in the YXcmsApp V1.4.3 'uninstall' function. Due to the lack of HTTP Referer or token validation, an attacker can exploit the vulnerability to uninstall the system's...
YXCMSAPP Stored Cross-site Scripting Vulnerability
YXcmsApp station building system is based on the latest CPAPP core to build the information platform or portal website development. A stored cross-site scripting vulnerability exists in YXCMSAPP, which allows attackers to exploit this vulnerability to perform cross-site scripting attacks...