Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 13/03/2018 Updated: 29/03/2018

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html.

Vulnerable Product	Search on Vulmon	Subscribe to Product
yzmcms yzmcms 3.7

YZMCMS v3.7最新版xss漏洞 CVE-2018-8078

YZMCMSxss CVE-2018-8078 YZMCMS v37最新版xss漏洞 YZMCMS V37 Stored XSS 这个xss存在于v37新增的广告管理模块，如图所示: This xss exists in v37 new advertising management module, as shown in the figure: 我们可以在YzmCMS-V37\application\advertisement\controller\adverclassphp第55-70行中找到广告管理编辑功能的具体代码，如图所示

CWE-79 https://github.com/AlwaysHereFight/YZMCMSxss/blob/master/README.md https://nvd.nist.gov https://github.com/AlwaysHereFight/YZMCMSxss

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-8078

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect