Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyoucms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-24000
SQL Injection vulnerability in eyoucms cms v1.4.7, allows malicious users to execute arbitrary code and disclose sensitive information, via the tid parameter to index.php.
Eyoucms Eyoucms 1.4.7
NA
CVE-2022-43323
EyouCMS V1.5.9-UTF8-SP1 exists to contain a Cross-Site Request Forgery (CSRF) via the Top Up Balance component under the Edit Member module.
Eyoucms Eyoucms 1.5.9
3.5
CVSSv2
CVE-2021-39496
Eyoucms 1.5.4 lacks sanitization of input data, allowing an malicious user to inject malicious code into `filename` param to trigger Reflected XSS.
Eyoucms Eyoucms 1.5.4
7.5
CVSSv2
CVE-2021-39497
eyoucms 1.5.4 lacks sanitization of input data, allowing an malicious user to inject a url to trigger blind SSRF via the saveRemote() function.
Eyoucms Eyoucms 1.5.4
5
CVSSv2
CVE-2021-39500
Eyoucms 1.5.4 is vulnerable to Directory Traversal. Due to a lack of input data sanitizaton in param tpldir, filename, type, nid an attacker can inject "../" to escape and write file to writeable directories.
Eyoucms Eyoucms 1.5.4
5.8
CVSSv2
CVE-2021-39501
EyouCMS 1.5.4 is vulnerable to Open Redirect. An attacker can redirect a user to a malicious url via the Logout function.
Eyoucms Eyoucms 1.5.4
NA
CVE-2023-33492
EyouCMS 1.6.2 is vulnerable to Cross Site Scripting (XSS).
Eyoucms Eyoucms 1.6.2
NA
CVE-2022-45280
A cross-site scripting (XSS) vulnerability in the Url parameter in /login.php of EyouCMS v1.6.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Eyoucms Eyoucms 1.6.0
NA
CVE-2022-44387
EyouCMS V1.5.9-UTF8-SP1 exists to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module.
Eyoucms Eyoucms 1.5.9
NA
CVE-2022-44389
EyouCMS V1.5.9-UTF8-SP1 exists to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. This vulnerability allows malicious users to arbitrarily change Administrator account information.
Eyoucms Eyoucms 1.5.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »