Vulnerabilities > Yunyecms

DATE CVE VULNERABILITY TITLE RISK
2023-07-31 CVE-2020-21662 SQL Injection vulnerability in Yunyecms 2.0.2
SQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to run arbitrary SQL commands via XFF.
network
low complexity
yunyecms CWE-89
critical
9.8
2020-12-21 CVE-2020-21377 SQL Injection vulnerability in Yunyecms 2.0.1
SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter.
network
low complexity
yunyecms CWE-89
critical
9.8