Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyoucms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2058
A vulnerability was found in EyouCms up to 1.6.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /yxcms/index.php?r=admin/extendfield/mesedit&tabid=12&id=4 of the component HTTP POST Request Handler. The manipul...
Eyoucms Eyoucms
NA
CVE-2023-31708
A Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows malicious users to execute arbitrary commands via a supplying a crafted HTML file to the Upload software format function.
Eyoucms Eyoucms 1.6.2
NA
CVE-2024-23031
Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
NA
CVE-2024-23032
Cross Site Scripting vulnerability in num parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
NA
CVE-2024-23033
Cross Site Scripting vulnerability in the path parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
NA
CVE-2024-23034
Cross Site Scripting vulnerability in the input parameter in eyoucms v.1.6.5 allows a remote malicious user to run arbitrary code via crafted URL.
Eyoucms Eyoucms 1.6.5
NA
CVE-2022-44387
EyouCMS V1.5.9-UTF8-SP1 exists to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module.
Eyoucms Eyoucms 1.5.9
NA
CVE-2022-44389
EyouCMS V1.5.9-UTF8-SP1 exists to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. This vulnerability allows malicious users to arbitrarily change Administrator account information.
Eyoucms Eyoucms 1.5.9
NA
CVE-2022-44390
A cross-site scripting (XSS) vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Record Number text field.
Eyoucms Eyoucms 1.5.9
NA
CVE-2022-45280
A cross-site scripting (XSS) vulnerability in the Url parameter in /login.php of EyouCMS v1.6.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Eyoucms Eyoucms 1.6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »