Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyoucms eyoucms 1.6.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-45280
A cross-site scripting (XSS) vulnerability in the Url parameter in /login.php of EyouCMS v1.6.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Eyoucms Eyoucms 1.6.0
5.4
CVSSv3
CVE-2022-45755
Cross-site scripting (XSS) vulnerability in EyouCMS v1.6.0 allows malicious users to execute arbitrary code via the home page description on the basic information page.
Eyoucms Eyoucms 1.6.0
6.1
CVSSv3
CVE-2022-45537
EyouCMS <= 1.6.0 exists a reflected-XSS in the article publish component in cookie "ENV_LIST_URL".
Eyoucms Eyoucms
6.1
CVSSv3
CVE-2022-45538
EyouCMS <= 1.6.0 exists a reflected-XSS in the article publish component in cookie "ENV_GOBACK_URL".
Eyoucms Eyoucms
5.4
CVSSv3
CVE-2022-45542
EyouCMS <= 1.6.0 exists a reflected-XSS in the FileManager component in GET parameter "filename" when editing any file.
Eyoucms Eyoucms
6.1
CVSSv3
CVE-2022-45539
EyouCMS <= 1.6.0 exists a reflected-XSS in FileManager component in GET value "activepath" when creating a new file.
Eyoucms Eyoucms
6.1
CVSSv3
CVE-2022-45540
EyouCMS <= 1.6.0 exists a reflected-XSS in article type editor component in POST value "name" if the value contains a malformed UTF-8 char.
Eyoucms Eyoucms
6.1
CVSSv3
CVE-2022-45541
EyouCMS <= 1.6.0 exists a reflected-XSS in the article attribute editor component in POST value "value" if the value contains a non-integer char.
Eyoucms Eyoucms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started