Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyoucms eyoucms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1798
A vulnerability, which was classified as problematic, has been found in EyouCMS up to 1.5.4. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument typename leads to cross site scripting. The attack may be launched remotely. T...
Eyoucms Eyoucms
668
VMScore
CVE-2021-39497
eyoucms 1.5.4 lacks sanitization of input data, allowing an malicious user to inject a url to trigger blind SSRF via the saveRemote() function.
Eyoucms Eyoucms 1.5.4
312
VMScore
CVE-2022-33122
A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page.
Eyoucms Eyoucms 1.5.6
NA
CVE-2022-41500
EyouCMS V1.5.9 exists to contain multiple Cross-Site Request Forgery (CSRF) vulnerabilities via the Members Center, Editorial Membership, and Points Recharge components.
Eyoucms Eyoucms 1.5.9
NA
CVE-2023-33492
EyouCMS 1.6.2 is vulnerable to Cross Site Scripting (XSS).
Eyoucms Eyoucms 1.6.2
668
VMScore
CVE-2022-26273
EyouCMS v1.5.4 exists to lack parameter filtering in \user\controller\shop.php, leading to payment logic vulnerabilities.
Eyoucms Eyoucms 1.5.4
668
VMScore
CVE-2022-26279
EyouCMS v1.5.5 exists to have no access control in the component /data/sqldata.
Eyoucms Eyoucms 1.5.5
NA
CVE-2024-23031
Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
NA
CVE-2024-23032
Cross Site Scripting vulnerability in num parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
NA
CVE-2022-45755
Cross-site scripting (XSS) vulnerability in EyouCMS v1.6.0 allows malicious users to execute arbitrary code via the home page description on the basic information page.
Eyoucms Eyoucms 1.6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »