Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-23689 | 1 Yfcmf | 1 Yfcmf | 2021-05-21 | 3.5 LOW | 4.8 MEDIUM |
In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page. | |||||
CVE-2020-23691 | 1 Yfcmf | 1 Yfcmf | 2021-05-21 | 7.5 HIGH | 9.8 CRITICAL |
YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php. | |||||
CVE-2018-16431 | 1 Yfcmf | 1 Yfcmf | 2018-11-02 | 6.8 MEDIUM | 8.8 HIGH |
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account. |