Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Yxtcmf Subscribe
Filtered by product Yxtcmf
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-7733 1 Yxtcmf 1 Yxtcmf 2018-03-26 6.8 MEDIUM 8.8 HIGH
An issue was discovered in YxtCMF 3.1. RbacController.class.php has CSRF, as demonstrated by modifying an administrator account via index.php/admin/user/add_post.html.
CVE-2018-7732 1 Yxtcmf 1 Yxtcmf 2018-03-26 7.5 HIGH 9.8 CRITICAL
An issue was discovered in YxtCMF 3.1. SQL Injection exists in ShitiController.class.php via the ids array parameter to exam/shiti/delshiti.html.