Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2020-19951
Disclosure Date: September 23, 2021 (last updated February 23, 2025)
A cross-site request forgery (CSRF) in /controller/pay.class.php of YzmCMS v5.5 allows attackers to access sensitive components of the application.
0
Attacker Value
Unknown
CVE-2020-20341
Disclosure Date: September 01, 2021 (last updated February 23, 2025)
YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function.
0
Attacker Value
Unknown
CVE-2020-22394
Disclosure Date: November 19, 2020 (last updated February 22, 2025)
In YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) vulnerability.
0
