Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

YiFang — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting YiFang. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Yifang is primarily used as a web application framework for building enterprise solutions. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws. Security researchers have identified multiple authentication bypass issues and insecure direct object references in its components. While no major public security incidents have been widely reported, the 13 documented CVEs highlight consistent security concerns, particularly around input validation and access control. The framework's widespread adoption in enterprise environments makes these vulnerabilities potentially impactful, though remediation patches are typically released in a timely manner following vulnerability disclosures.

Top products by YiFang: CMS
CVE IDTitleCVSSSeverityPublished
CVE-2026-6633 Yifang CMS Extended Management L_rbac_admin.php store cross site scripting — CMSCWE-79 3.5 Low2026-04-20
CVE-2026-3743 YiFang CMS D_singlePageGroup.php update cross site scripting — CMSCWE-79 3.5 Low2026-03-08
CVE-2026-3742 YiFang CMS D_singlePage.php update cross site scripting — CMSCWE-79 3.5 Low2026-03-08
CVE-2026-3741 YiFang CMS D_friendLink.php update cross site scripting — CMSCWE-79 3.5 Low2026-03-08
CVE-2026-2934 YiFang CMS Extended Management D_friendLinkGroup.php update cross site scripting — CMSCWE-79 2.4 Low2026-02-22
CVE-2026-2933 YiFang CMS Extended Management D_adManage.php update cross site scripting — CMSCWE-79 2.4 Low2026-02-22
CVE-2026-2932 YiFang CMS Extended Management D_adPosition.php update cross site scripting — CMSCWE-79 2.4 Low2026-02-22
CVE-2025-11136 YiFang CMS Backend File.php webUploader unrestricted upload — CMSCWE-434 4.7 Medium2025-09-29
CVE-2025-9400 YiFang CMS P_file.php mergeMultipartUpload unrestricted upload — CMSCWE-434 6.3 Medium2025-08-25
CVE-2025-9399 YiFang CMS L_tool.php sql injection — CMSCWE-89 6.3 Medium2025-08-25
CVE-2025-9398 YiFang CMS Migrate.php exportInstallTable information disclosure — CMSCWE-200 5.3 Medium2025-08-24
CVE-2025-5383 Yifang CMS Article Management Module cross site scripting — CMSCWE-79 2.4 Low2025-05-31
CVE-2025-5381 Yifang CMS Admin Panel downloadFile path traversal — CMSCWE-22 2.7 Low2025-05-31

This page lists every published CVE security advisory associated with YiFang. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.