Vulnerabilities > Xunruicms

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-02	CVE-2024-24388	Cross-site Scripting vulnerability in Xunruicms Cross-site scripting (XSS) vulnerability in XunRuiCMS versions v4.6.2 and before, allows remote attackers to obtain sensitive information via crafted malicious requests to the background login. network low complexity xunruicms CWE-79	6.1
2023-12-11	CVE-2023-49490	Cross-site Scripting vulnerability in Xunruicms 4.5.5 XunRuiCMS v4.5.5 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin.php. network low complexity xunruicms CWE-79	6.1
2023-09-27	CVE-2021-38243	Unspecified vulnerability in Xunruicms xunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php. network low complexity xunruicms critical	9.8
2023-03-29	CVE-2023-1680	Unspecified vulnerability in Xunruicms 4.6.1 A vulnerability, which was classified as problematic, has been found in Xunrui CMS 4.61. network low complexity xunruicms	7.5
2023-03-29	CVE-2023-1683	Cleartext Storage of Sensitive Information vulnerability in Xunruicms 4.6.1 A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. network low complexity xunruicms CWE-312	7.5
2023-03-29	CVE-2023-1682	Forced Browsing vulnerability in Xunruicms 4.6.1 A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. network low complexity xunruicms CWE-425	7.5
2023-03-28	CVE-2023-1681	Unspecified vulnerability in Xunruicms 4.6.1 A vulnerability, which was classified as problematic, was found in Xunrui CMS 4.61. network low complexity xunruicms	7.5
2023-03-23	CVE-2022-30037	Inclusion of Functionality from Untrusted Control Sphere vulnerability in Xunruicms XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in cron.php. network low complexity xunruicms CWE-829	7.2
2022-08-19	CVE-2022-36224	Cross-Site Request Forgery (CSRF) vulnerability in Xunruicms 4.5.6 XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery (CSRF). network low complexity xunruicms CWE-352	8.8
2019-10-01	CVE-2019-17074	Cross-site Scripting vulnerability in Xunruicms 4.3.1 An issue was discovered in XunRuiCMS 4.3.1. network low complexity xunruicms CWE-79	5.4

Vulnerabilities > Xunruicms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Xunruicms"}]}

Vulnerabilities > Xunruicms