3 matches found
YxtCMF SQL Injection Vulnerability
YxtCMF is an online learning system. The system has functions such as online live broadcast, online question and answer, teacher management and forum. A SQL injection vulnerability exists in the ShitiController.class.php file in YxtCMF version 3.1. A remote attacker can exploit this vulnerability...
SQL injection vulnerability in YxtCMF frontend ShitiController.class.php page
YxtCMF Yi Xue Tang Online Learning System is an online learning platform system developed with thinkphp+bootstrap as the framework. A SQL injection vulnerability exists in the YxtCMF frontend ShitiController.class.php page. The vulnerability is due to the system failing to effectively filter...
Stored Cross-Site Scripting Vulnerability in addpost Function on YxtCMF PlateController.class.php Page
YxtCMF Yi Xue Tang Online Learning System is an online learning platform system developed with thinkphp+bootstrap as the framework. A stored cross-site scripting vulnerability exists in the addpost function on the YxtCMF PlateController.class.php page. An attacker can insert malicious js code int...