Youke365 Youke_365
4 CVEs affecting Youke365 Youke_365. Latest disclosed: 2024-01-08. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-18242 | Critical | 9.8 | 2018-10-11 | youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated by username=admin&pass=123456&code=9823&act=login&submit=%E7%99%BB+%E9%99%86. |
CVE-2018-18215 | High | 8.8 | 2018-10-11 | In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account. |
CVE-2024-0304 | Medium | 6.3 | 2024-01-08 | A vulnerability has been found in Youke365 up to 1.5.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /app/… |
CVE-2024-0303 | Medium | 6.3 | 2024-01-08 | A vulnerability, which was classified as critical, was found in Youke365 up to 1.5.3. Affected is an unknown function of the file /app/api/controller/caiji.php… |