Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-28812

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00739EPSS
Exploits1References1
Prion
Prion
added 2022/03/10 5:45 p.m.19 views

Improper access control

YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user's personal home page can be realized. It is necessary to judge the user's login status before accessing the personal home page, but the vulnerability can access other users' home pages through the non...

6.4CVSS9.1AI score0.01458EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/03/07 3:15 p.m.15 views

CVE-2022-23383

YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user's personal home page can be realized. It is necessary to judge the user's login status before accessing the personal home page, but the vulnerability can access other users' home pages through the non...

9.1CVSS7AI score0.01458EPSS
Exploits0References5
NVD
NVD
added 2022/02/15 1:15 p.m.18 views

CVE-2022-23384

YzmCMS v6.3 is affected by Cross Site Request Forgery CSRF in /admin.add...

8.8CVSS0.00543EPSS
Exploits1References1
Prion
Prion
added 2022/02/15 1:15 p.m.15 views

Cross site request forgery (csrf)

YzmCMS v6.3 is affected by Cross Site Request Forgery CSRF in /admin.add...

6.8CVSS8.8AI score0.00543EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/02/15 12:4 p.m.25 views

CVE-2022-23384

YzmCMS v6.3 is affected by Cross Site Request Forgery CSRF in /admin.add...

9.1AI score0.00543EPSS
Exploits1References1
CVE
CVE
added 2022/02/15 12:4 p.m.93 views

CVE-2022-23384

YzmCMS v6.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability in /admin.add. The CVE entry (CVE-2022-23384) is described across multiple sources as facilitating CSRF, enabling an attacker to spoof requests from victims and potentially trigger sensitive actions. The NVD metrics show...

8.8CVSS8.8AI score0.00543EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/02/15 12:4 p.m.9 views

CVE-2022-23384

YzmCMS v6.3 is affected by Cross Site Request Forgery CSRF in /admin.add...

8.8CVSS7.3AI score0.00543EPSS
Exploits1References3
NVD
NVD
added 2022/01/28 9:15 p.m.20 views

CVE-2022-23887

YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily delete user accounts via /admin/adminmanage/delete...

6.5CVSS0.00739EPSS
Exploits1References1
NVD
NVD
added 2022/01/28 9:15 p.m.23 views

CVE-2022-23889

The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently, allowing attackers to create an unusually large number of comments...

5.3CVSS0.01082EPSS
Exploits1References1
Prion
Prion
added 2022/01/28 9:15 p.m.17 views

Cross site request forgery (csrf)

YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily delete user accounts via /admin/adminmanage/delete...

4.3CVSS6.6AI score0.00739EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/01/28 9:15 p.m.17 views

Code injection

The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently, allowing attackers to create an unusually large number of comments...

5CVSS5.3AI score0.01082EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/28 8:45 p.m.20 views

CVE-2022-23889

The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently, allowing attackers to create an unusually large number of comments...

5.6AI score0.01082EPSS
Exploits1References1
OSV
OSV
added 2022/01/28 8:45 p.m.14 views

CVE-2022-23889

The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently, allowing attackers to create an unusually large number of comments...

5.3CVSS6.8AI score0.01082EPSS
Exploits1References3
CVE
CVE
added 2022/01/28 8:44 p.m.55 views

CVE-2022-23887

CVE-2022-23887: YzmCMS v6.3 is affected by a Cross-Site Request Forgery (CSRF) that lets an attacker delete user accounts via /admin/admin_manage/delete. Root cause is CSRF vulnerability; exploitation details are not provided in the documents. No remediation/fix is specified in the provided data....

6.5CVSS6.5AI score0.00739EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/28 8:44 p.m.21 views

CVE-2022-23887

YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily delete user accounts via /admin/adminmanage/delete...

6.8AI score0.00739EPSS
Exploits1References1
OSV
OSV
added 2022/01/28 8:44 p.m.16 views

CVE-2022-23887

YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily delete user accounts via /admin/adminmanage/delete...

6.5CVSS7.4AI score0.00739EPSS
Exploits1References3
Rows per page
Query Builder