A vulnerability was found in YFCMF up to 3.0.4. It has been rated as problematic. This issue affects some unknown processing of the file app/admin/controller/Ajax.php. The manipulation of the argument controllername leads to path traversal: '../filedir'. The attack may be initiated remotely. The...
9.8CVSS
9.5AI Score
0.001EPSS
A vulnerability was found in YFCMF up to 3.0.4. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be.....
9.8CVSS
9.6AI Score
0.001EPSS
9.8CVSS
9.6AI Score
0.008EPSS
In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news...
4.8CVSS
4.8AI Score
0.001EPSS
8.8CVSS
8.5AI Score
0.001EPSS