Every CVE whose affected-product data names Yiicms Project Yiicms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2020-21246 — CVSS 5.4 (medium): Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function.