Unrestricted file upload vulnerability in the yccms 3.3 project. The xhUp function's improper judgment of the request parameters, triggers remote code...
9.8CVSS
9.8AI Score
0.082EPSS
Sql injection vulnerability in the yccms 3.3 project. The no_top function's improper judgment of the request parameters, triggers a sql injection...
9.8CVSS
9.5AI Score
0.002EPSS
Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal...
7.5CVSS
7.5AI Score
0.001EPSS