Vendor
YFCMF
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-3056 | 0.00 | — | 0.00 | Jun 2, 2023 | A vulnerability was found in YFCMF up to 3.0.4. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the… | |||
| CVE-2020-23689 | 0.00 | — | 0.00 | May 14, 2021 | In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page. | |||
| CVE-2018-16431 | 0.00 | — | 0.01 | Sep 4, 2018 | admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account. |
- CVE-2023-3056Jun 2, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in YFCMF up to 3.0.4. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the…
- CVE-2020-23689May 14, 2021risk 0.00cvss —epss 0.00
In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page.
- CVE-2018-16431Sep 4, 2018risk 0.00cvss —epss 0.01
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account.