Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-23691 | 1 Yfcmf | 1 Yfcmf | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php. | |||||
| CVE-2020-23689 | 1 Yfcmf | 1 Yfcmf | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page. | |||||
| CVE-2018-16431 | 1 Yfcmf | 1 Yfcmf | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account. | |||||