Vulnerabilities > Eyoucms > Eyoucms > 1.3.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-19 | CVE-2020-20645 | Cross-site Scripting vulnerability in Eyoucms 1.3.6 Cross Site Scripting (XSS) vulnerability exists in EyouCMS1.3.6 in the basic_information area. | 3.5 |
2021-08-18 | CVE-2020-19669 | Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.3.6 Cross Site Request Forgery (CSRF) vulnerability exists in Eyoucms 1.3.6 that can add an admin account via /login.php?m=admin&c=Admin&a=admin_add&lang=cn. | 6.8 |
2021-08-18 | CVE-2020-28146 | Cross-site Scripting vulnerability in Eyoucms Cross Site Scripting (XSS) vulnerability exists in Eyoucms v1.4.7 and earlier via the addonfieldext parameter. | 4.3 |