Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyoucms vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-44387
EyouCMS V1.5.9-UTF8-SP1 exists to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module.
Eyoucms Eyoucms 1.5.9
6.5
CVSSv3
CVE-2022-44389
EyouCMS V1.5.9-UTF8-SP1 exists to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. This vulnerability allows malicious users to arbitrarily change Administrator account information.
Eyoucms Eyoucms 1.5.9
9.8
CVSSv3
CVE-2022-26279
EyouCMS v1.5.5 exists to have no access control in the component /data/sqldata.
Eyoucms Eyoucms 1.5.5
8.8
CVSSv3
CVE-2020-18129
A CSRF vulnerability in Eyoucms v1.2.7 allows an malicious user to add an admin account via login.php.
Eyoucms Eyoucms 1.2.7
7.2
CVSSv3
CVE-2021-42194
The wechat_return function in /controller/Index.php of EyouCms V1.5.4-UTF8-SP3 passes the user's input directly into the simplexml_ load_ String function, which itself does not prohibit external entities, triggering a XML external entity (XXE) injection vulnerability.
Eyoucms Eyoucms 1.5.4
5.3
CVSSv3
CVE-2023-37645
eyoucms v1.6.3 exists to contain an information disclosure vulnerability via the component /custom_model_path/recruit.filelist.txt.
Eyoucms Eyoucms 1.6.3
5.4
CVSSv3
CVE-2020-21929
A stored cross site scripting (XSS) vulnerability in the web_copyright field of Eyoucms v1.4.1 allows authenticated malicious users to execute arbitrary web scripts or HTML.
Eyoucms Eyoucms 1.4.1
5.4
CVSSv3
CVE-2020-21930
A stored cross site scripting (XSS) vulnerability in the web_attr_2 field of Eyoucms v1.4.1 allows authenticated malicious users to execute arbitrary web scripts or HTML.
Eyoucms Eyoucms 1.4.1
6.1
CVSSv3
CVE-2023-41597
EyouCms v1.6.2 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /admin/twitter.php?active_t.
Eyoucms Eyoucms 1.6.2
4.3
CVSSv3
CVE-2023-31708
A Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows malicious users to execute arbitrary commands via a supplying a crafted HTML file to the Upload software format function.
Eyoucms Eyoucms 1.6.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »