Youke365: >> Youke 365 >> 1.1.5 Security Vulnerabilities
In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-10-11
youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated by username=admin&pass=123456&code=9823&act=login&submit=%E7%99%BB+%E9%99%86.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-10-11