Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyoucms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-26273
EyouCMS v1.5.4 exists to lack parameter filtering in \user\controller\shop.php, leading to payment logic vulnerabilities.
Eyoucms Eyoucms 1.5.4
9.8
CVSSv3
CVE-2022-26279
EyouCMS v1.5.5 exists to have no access control in the component /data/sqldata.
Eyoucms Eyoucms 1.5.5
9.8
CVSSv3
CVE-2020-24000
SQL Injection vulnerability in eyoucms cms v1.4.7, allows malicious users to execute arbitrary code and disclose sensitive information, via the tid parameter to index.php.
Eyoucms Eyoucms 1.4.7
9.8
CVSSv3
CVE-2021-39497
eyoucms 1.5.4 lacks sanitization of input data, allowing an malicious user to inject a url to trigger blind SSRF via the saveRemote() function.
Eyoucms Eyoucms 1.5.4
8.8
CVSSv3
CVE-2022-44387
EyouCMS V1.5.9-UTF8-SP1 exists to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module.
Eyoucms Eyoucms 1.5.9
8.8
CVSSv3
CVE-2022-43323
EyouCMS V1.5.9-UTF8-SP1 exists to contain a Cross-Site Request Forgery (CSRF) via the Top Up Balance component under the Edit Member module.
Eyoucms Eyoucms 1.5.9
8.8
CVSSv3
CVE-2022-41500
EyouCMS V1.5.9 exists to contain multiple Cross-Site Request Forgery (CSRF) vulnerabilities via the Members Center, Editorial Membership, and Points Recharge components.
Eyoucms Eyoucms 1.5.9
8.8
CVSSv3
CVE-2022-36225
EyouCMS V1.5.8-UTF8-SP1 is vulnerable to Cross Site Request Forgery (CSRF) via the background, column management function and add.
Eyoucms Eyoucms 1.5.8
8.8
CVSSv3
CVE-2020-20642
Cross Site Request Forgery (CSRF) vulnerability exists in EyouCMS 1.3.6 that can add an htm page to execute the js code via login.php?m=admin&c=Filemanager&a=newfile&lang=cn.
Eyoucms Eyoucms 1.3.6
8.8
CVSSv3
CVE-2020-19669
Cross Site Request Forgery (CSRF) vulnerability exists in Eyoucms 1.3.6 that can add an admin account via /login.php?m=admin&c=Admin&a=admin_add&lang=cn.
Eyoucms Eyoucms 1.3.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »