Youke365

youke365

4 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-0304 1Youke365 1Youke 365 Nov 21, 2024 Jan 8, 2024 N/A· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulation of the argument...Show more A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/collect.php. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249871.Show less
CVE-2024-0303 1Youke365 1Youke 365 Nov 21, 2024 Jan 8, 2024 N/A· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. Affected is an unknown function of the file /app/api/controller/caiji.php of the component Parameter Handler. The manipulation of the...Show more A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. Affected is an unknown function of the file /app/api/controller/caiji.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249870 is the identifier assigned to this vulnerability.Show less
CVE-2018-18215 1Youke365 1Youke 365 Nov 21, 2024 Oct 11, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account.
CVE-2018-18242 1Youke365 1Youke 365 Nov 21, 2024 Oct 11, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated by username=admin&pass=123456&code=9823&act=login&submit=%E7%99%BB+%E9%99%86.