Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
435
VMScore
CVE-2018-7653
Published: 04/03/2018 Updated: 10/06/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Yzmcms
Vulnerability Summary
In YzmCMS 3.6, index.php has XSS via the a, c, or m parameter.
Vulnerable Product
Search on Vulmon
Subscribe to Product
yzmcms yzmcms 3.6
Exploits
Exploit DB: YzmCMS 3.6 - Cross-Site Scripting
# Exploit Title: YzmCMS 36 XSS Vulnerability # Date: 2018-04-03 # Exploit Author: zzw (zzw@5ecuritycn) # Vendor Homepage: wwwyzmcmscom/ # Software Link: wwwyzmcmscom/ # Version: 36 # CVE : CVE-2018-7653 This is a XSS vulnerability than can attack the users poc: localhost/YzmCMS/indexphp?m=search&c=index&a=in ...
Exploit DB: YzmCMS 3.6 Cross Site Scripting
YzmCMS version 36 suffers from a cross site scripting vulnerability ...
References
CWE-79
https://github.com/ponyma233/YzmCMS/blob/master/YzmCMS_3.6_bug.md
https://www.exploit-db.com/exploits/44405/
https://packetstormsecurity.com/files/147065/YzmCMS-3.6-Cross-Site-Scripting.html
https://nvd.nist.gov
https://www.exploit-db.com/exploits/44405/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started