Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyoucms vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-17430
EyouCms through 2019-07-11 has XSS related to the login.php web_recordnum parameter.
Eyoucms Eyoucms
8.8
CVSSv3
CVE-2020-20642
Cross Site Request Forgery (CSRF) vulnerability exists in EyouCMS 1.3.6 that can add an htm page to execute the js code via login.php?m=admin&c=Filemanager&a=newfile&lang=cn.
Eyoucms Eyoucms 1.3.6
4.8
CVSSv3
CVE-2023-48880
A stored cross-site scripting (XSS) vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu Name field at /login.php?m=admin&c=Index&a=changeTableVal&_ajax=1&lang=cn.
Eyoucms Eyoucms 1.6.4
4.8
CVSSv3
CVE-2023-48882
A stored cross-site scripting (XSS) vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Document Properties field at /login.php m=admin&c=Index&a=changeTableVal&_ajax=1&la...
Eyoucms Eyoucms 1.6.4
5.4
CVSSv3
CVE-2020-20645
Cross Site Scripting (XSS) vulnerability exists in EyouCMS1.3.6 in the basic_information area.
Eyoucms Eyoucms 1.3.6
5.4
CVSSv3
CVE-2023-37133
A stored cross-site scripting (XSS) vulnerability in the Column management module of eyoucms v1.6.3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Eyoucms Eyoucms 1.6.3
5.4
CVSSv3
CVE-2023-37136
A stored cross-site scripting (XSS) vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Eyoucms Eyoucms 1.6.3
6.1
CVSSv3
CVE-2021-39499
A Cross-site scripting (XSS) vulnerability in Users in Qiong ICP EyouCMS 1.5.4 allows remote malicious users to inject arbitrary web script or HTML via the `title` parameter in bind_email function.
Eyoucms Eyoucms 1.5.4
5.4
CVSSv3
CVE-2020-21929
A stored cross site scripting (XSS) vulnerability in the web_copyright field of Eyoucms v1.4.1 allows authenticated malicious users to execute arbitrary web scripts or HTML.
Eyoucms Eyoucms 1.4.1
5.4
CVSSv3
CVE-2020-21930
A stored cross site scripting (XSS) vulnerability in the web_attr_2 field of Eyoucms v1.4.1 allows authenticated malicious users to execute arbitrary web scripts or HTML.
Eyoucms Eyoucms 1.4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »