lxw1844912514/YFCMF

Releases6

Frequency1 month 4 weeks

Last Release over 9 years ago

Stars4

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-23691 ↗	May 14, 2021Friday, 14 May 2021, 15:15	9.8 CRITICAL	7.5 HIGH
YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php.
CVE-2020-23689 ↗	May 14, 2021Friday, 14 May 2021, 14:15	4.8 MEDIUM	3.5 LOW
In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page.