Yfcmf
1 CVEs
product
Monthly
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
CSRF
Yfcmf
NVD
CVSS 3.0
8.8
EPSS
0.8%
EPSS 1%
CVSS 8.8
HIGH
POC
This Week
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
CSRF
Yfcmf
NVD