Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyoucms eyoucms vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-1799
A vulnerability, which was classified as problematic, was found in EyouCMS up to 1.5.4. This affects an unknown part of the file login.php. The manipulation of the argument tag_tag leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
Eyoucms Eyoucms
5.4
CVSSv3
CVE-2023-46935
eyoucms v1.6.4 is vulnerable Cross Site Scripting (XSS), which can lead to stealing sensitive information of logged-in users.
Eyoucms Eyoucms 1.6.4
6.1
CVSSv3
CVE-2024-23031
Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
6.1
CVSSv3
CVE-2024-23032
Cross Site Scripting vulnerability in num parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
6.1
CVSSv3
CVE-2024-23033
Cross Site Scripting vulnerability in the path parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
6.1
CVSSv3
CVE-2024-23034
Cross Site Scripting vulnerability in the input parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
5.4
CVSSv3
CVE-2023-36093
There is a storage type cross site scripting (XSS) vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3
Eyoucms Eyoucms 1.6.3
9.8
CVSSv3
CVE-2022-26273
EyouCMS v1.5.4 exists to lack parameter filtering in \user\controller\shop.php, leading to payment logic vulnerabilities.
Eyoucms Eyoucms 1.5.4
4.8
CVSSv3
CVE-2023-48880
A stored cross-site scripting (XSS) vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu Name field at /login.php?m=admin&c=Index&a=changeTableVal&_ajax=1&lang=cn.
Eyoucms Eyoucms 1.6.4
4.8
CVSSv3
CVE-2023-48881
A stored cross-site scripting (XSS) vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Field Title field at /login.php?m=admin&c=Field&a=arctype_add&_ajax=1&lang=cn.
Eyoucms Eyoucms 1.6.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »