Vulnerabilities > Yzmcms > Yzmcms > 5.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-23 | CVE-2020-19951 | Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 5.5 A cross-site request forgery (CSRF) in /controller/pay.class.php of YzmCMS v5.5 allows attackers to access sensitive components of the application. | 6.8 |
2021-09-01 | CVE-2020-20341 | Server-Side Request Forgery (SSRF) vulnerability in Yzmcms 5.5 YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function. | 5.0 |
2020-11-19 | CVE-2020-22394 | Cross-site Scripting vulnerability in Yzmcms 5.5 In YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) vulnerability. | 4.3 |