Vulnerabilities > Eyoucms > Eyoucms > 1.3.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-14 | CVE-2023-2058 | Cross-site Scripting vulnerability in Eyoucms A vulnerability was found in EyouCms up to 1.6.2. | 6.1 |
2023-04-02 | CVE-2023-1798 | Cross-site Scripting vulnerability in Eyoucms A vulnerability, which was classified as problematic, has been found in EyouCMS up to 1.5.4. | 5.4 |
2023-04-02 | CVE-2023-1799 | Cross-site Scripting vulnerability in Eyoucms A vulnerability, which was classified as problematic, was found in EyouCMS up to 1.5.4. | 5.4 |
2023-01-20 | CVE-2022-45537 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_LIST_URL". | 6.1 |
2023-01-20 | CVE-2022-45538 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_GOBACK_URL". | 6.1 |
2023-01-20 | CVE-2022-45539 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file. | 6.1 |
2023-01-20 | CVE-2022-45540 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in article type editor component in POST value "name" if the value contains a malformed UTF-8 char. | 6.1 |
2023-01-20 | CVE-2022-45541 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article attribute editor component in POST value "value" if the value contains a non-integer char. | 6.1 |
2023-01-20 | CVE-2022-45542 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the FileManager component in GET parameter "filename" when editing any file. | 5.4 |
2021-08-19 | CVE-2020-20642 | Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.3.6 Cross Site Request Forgery (CSRF) vulnerability exists in EyouCMS 1.3.6 that can add an htm page to execute the js code via login.php?m=admin&c=Filemanager&a=newfile&lang=cn. | 6.8 |