VYPR
Vendor

Youke365

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2018-18242CriOct 11, 2018
    risk 0.64cvss 9.8epss 0.01

    youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated by username=admin&pass=123456&code=9823&act=login&submit=%E7%99%BB+%E9%99%86.

  • CVE-2018-18215HigOct 11, 2018
    risk 0.57cvss 8.8epss 0.00

    In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account.

  • CVE-2024-0304MedJan 8, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulation of the argument url leads to server-side request forgery. The attack can be…

  • CVE-2024-0303MedJan 8, 2024
    risk 0.41cvss 6.3epss 0.01

    A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. Affected is an unknown function of the file /app/api/controller/caiji.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. It is…