Vulnerabilities > Easycms > Easycms > 1.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-29 | CVE-2018-12971 | Cross-Site Request Forgery (CSRF) vulnerability in Easycms 1.3 EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to delete users. | 5.8 |
2018-04-25 | CVE-2018-10374 | Cross-site Scripting vulnerability in Easycms 1.3 EasyCMS 1.3 has XSS via the s POST parameter (aka a search box value) in an index.php?s=/index/search/index.html request. | 4.3 |