Yifang

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-9398 MEDIUM POC This Month

A security vulnerability has been detected in YiFang CMS up to 2.0.5. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Yifang

NVD GitHub VulDB

CVSS 4.0

5.5

EPSS

0.0%

CVE-2025-5383 MEDIUM POC This Month

A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Yifang

NVD VulDB

CVSS 4.0

4.8

EPSS

0.1%

CVE-2025-5381 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Yifang CMS up to 2.0.2. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Yifang

NVD VulDB

CVSS 4.0

5.1

EPSS

1.3%

CVE-2025-45887 CRITICAL POC Act Now

Yifang CMS v2.0.2 is vulnerable to Server-Side Request Forgery (SSRF) in /api/file/getRemoteContent. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Yifang

NVD

CVSS 3.1

9.1

EPSS

0.3%

CVE-2025-9398

EPSS 0% CVSS 5.5

MEDIUM POC This Month

PHP Information Disclosure Yifang

NVD GitHub VulDB

CVE-2025-5383

EPSS 0% CVSS 4.8

MEDIUM POC This Month

XSS Yifang

NVD VulDB

CVE-2025-5381

EPSS 1% CVSS 5.1

MEDIUM POC This Month

Path Traversal Yifang

NVD VulDB

CVE-2025-45887

EPSS 0% CVSS 9.1

CRITICAL POC Act Now

SSRF Yifang

NVD