Vulnerabilities > Xunruicms

DATE CVE VULNERABILITY TITLE RISK
2024-02-02 CVE-2024-24388 Cross-site Scripting vulnerability in Xunruicms
Cross-site scripting (XSS) vulnerability in XunRuiCMS versions v4.6.2 and before, allows remote attackers to obtain sensitive information via crafted malicious requests to the background login.
network
low complexity
xunruicms CWE-79
6.1
2023-12-11 CVE-2023-49490 Cross-site Scripting vulnerability in Xunruicms 4.5.5
XunRuiCMS v4.5.5 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin.php.
network
low complexity
xunruicms CWE-79
6.1
2023-09-27 CVE-2021-38243 Unspecified vulnerability in Xunruicms
xunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php.
network
low complexity
xunruicms
critical
9.8
2023-03-29 CVE-2023-1680 Unspecified vulnerability in Xunruicms 4.6.1
A vulnerability, which was classified as problematic, has been found in Xunrui CMS 4.61.
network
low complexity
xunruicms
7.5
2023-03-29 CVE-2023-1683 Cleartext Storage of Sensitive Information vulnerability in Xunruicms 4.6.1
A vulnerability was found in Xunrui CMS 4.61 and classified as problematic.
network
low complexity
xunruicms CWE-312
7.5
2023-03-29 CVE-2023-1682 Forced Browsing vulnerability in Xunruicms 4.6.1
A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic.
network
low complexity
xunruicms CWE-425
7.5
2023-03-28 CVE-2023-1681 Unspecified vulnerability in Xunruicms 4.6.1
A vulnerability, which was classified as problematic, was found in Xunrui CMS 4.61.
network
low complexity
xunruicms
7.5
2019-10-01 CVE-2019-17074 Cross-site Scripting vulnerability in Xunruicms 4.3.1
An issue was discovered in XunRuiCMS 4.3.1.
network
xunruicms CWE-79
3.5