Yfcmf

yfcmf

Vendor: Yfcmf • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-23691 1Yfcmf 1Yfcmf Jun 17, 2026 May 14, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php.
CVE-2020-23689 1Yfcmf 1Yfcmf Jun 17, 2026 May 14, 2021 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments section of the news page.
CVE-2018-16431 1Yfcmf 1Yfcmf Nov 21, 2024 Sep 4, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account.