Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Yfcmf Subscribe
Filtered by product Yfcmf
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-23689 1 Yfcmf 1 Yfcmf 2021-05-21 3.5 LOW 4.8 MEDIUM
In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page.
CVE-2020-23691 1 Yfcmf 1 Yfcmf 2021-05-21 7.5 HIGH 9.8 CRITICAL
YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php.
CVE-2018-16431 1 Yfcmf 1 Yfcmf 2018-11-02 6.8 MEDIUM 8.8 HIGH
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account.