Vulnerabilities > Eyoucms > Eyoucms > 1.5.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-14 | CVE-2023-2058 | Cross-site Scripting vulnerability in Eyoucms A vulnerability was found in EyouCms up to 1.6.2. | 6.1 |
2023-01-20 | CVE-2022-45537 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_LIST_URL". | 6.1 |
2023-01-20 | CVE-2022-45538 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_GOBACK_URL". | 6.1 |
2023-01-20 | CVE-2022-45539 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file. | 6.1 |
2023-01-20 | CVE-2022-45540 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in article type editor component in POST value "name" if the value contains a malformed UTF-8 char. | 6.1 |
2023-01-20 | CVE-2022-45541 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article attribute editor component in POST value "value" if the value contains a non-integer char. | 6.1 |
2023-01-20 | CVE-2022-45542 | Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the FileManager component in GET parameter "filename" when editing any file. | 5.4 |
2022-03-24 | CVE-2022-26279 | Forced Browsing vulnerability in Eyoucms 1.5.5 EyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata. | 9.8 |