Vulnerabilities > Eyoucms

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-20	CVE-2022-45538	Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article publish component in cookie "ENV_GOBACK_URL". network low complexity eyoucms CWE-79	6.1
2023-01-20	CVE-2022-45539	Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in FileManager component in GET value "activepath" when creating a new file. network low complexity eyoucms CWE-79	6.1
2023-01-20	CVE-2022-45540	Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in article type editor component in POST value "name" if the value contains a malformed UTF-8 char. network low complexity eyoucms CWE-79	6.1
2023-01-20	CVE-2022-45541	Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article attribute editor component in POST value "value" if the value contains a non-integer char. network low complexity eyoucms CWE-79	6.1
2023-01-20	CVE-2022-45542	Cross-site Scripting vulnerability in Eyoucms EyouCMS <= 1.6.0 was discovered a reflected-XSS in the FileManager component in GET parameter "filename" when editing any file. network low complexity eyoucms CWE-79	5.4
2022-12-15	CVE-2021-39428	Cross-site Scripting vulnerability in Eyoucms 1.5.4 Cross Site Scripting (XSS) vulnerability in Users.php in eyoucms 1.5.4 allows remote attackers to run arbitrary code and gain escalated privilege via the filename for edit_users_head_pic. network low complexity eyoucms CWE-79	5.4
2022-11-23	CVE-2022-45280	Cross-site Scripting vulnerability in Eyoucms 1.6.0 A cross-site scripting (XSS) vulnerability in the Url parameter in /login.php of EyouCMS v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. network low complexity eyoucms CWE-79	5.4
2022-11-14	CVE-2022-43323	Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.5.9 EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Top Up Balance component under the Edit Member module. network low complexity eyoucms CWE-352	8.8
2022-11-14	CVE-2022-44387	Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.5.9 EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module. network low complexity eyoucms CWE-352	8.8
2022-11-14	CVE-2022-44389	Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.5.9 EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. network low complexity eyoucms CWE-352	6.5

Vulnerabilities > Eyoucms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Eyoucms"}]}

Vulnerabilities > Eyoucms