Vulnerabilities > Lvyecms Project

DATE	CVE	VULNERABILITY TITLE	RISK
2017-11-20	CVE-2017-16904	Cross-site Scripting vulnerability in Lvyecms Project Lvyecms The Public tologin feature in admin.php in LvyeCMS through 3.1 allows XSS via a crafted username that is mishandled during later log viewing by an administrator. network low complexity lvyecms-project CWE-79	6.1
2017-11-20	CVE-2017-16903	Path Traversal vulnerability in Lvyecms Project Lvyecms LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjunction with PHP code in the content parameter, within a template Style add request to index.php. network low complexity lvyecms-project CWE-22 critical	9.8

Vulnerabilities > Lvyecms Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Lvyecms Project"}]}