A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely.....
9.8CVSS
9.5AI Score
0.001EPSS
A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. Affected is an unknown function of the file /app/api/controller/caiji.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. It is possible to launch...
9.8CVSS
9.5AI Score
0.001EPSS
In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user...
8.8CVSS
8.6AI Score
0.001EPSS
9.8CVSS
9.8AI Score
0.002EPSS