Vulnerabilities > Yunucms

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-12	CVE-2020-18445	Cross-site Scripting vulnerability in Yunucms 1.1.9 Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the upurl function in Page.php. network yunucms CWE-79	4.3
2021-08-12	CVE-2020-18446	Cross-site Scripting vulnerability in Yunucms 1.1.9 Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the param parameter in the insertContent function in ContentModel.php. network yunucms CWE-79	3.5
2019-01-04	CVE-2019-5311	Cross-site Scripting vulnerability in Yunucms 1.1.8 An issue was discovered in YUNUCMS V1.1.8. network yunucms CWE-79	4.3
2019-01-04	CVE-2019-5310	Cross-site Scripting vulnerability in Yunucms 1.1.8 YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by site_title in an admin/system/basic POST request. network yunucms CWE-79	4.3
2018-11-11	CVE-2018-19181	Path Traversal vulnerability in Yunucms 1.1.5 statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file. network low complexity yunucms CWE-22	6.4
2018-11-11	CVE-2018-19180	Code Injection vulnerability in Yunucms 1.1.5 statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DB_PREFIX field, which is written to database.php. network low complexity yunucms CWE-94	7.5
2018-10-29	CVE-2018-18726	Cross-site Scripting vulnerability in Yunucms 1.1.5 An XSS issue was discovered in admin/sitelink/editsitelink?id=16 in YUNUCMS 1.1.5. network yunucms CWE-79	3.5
2018-10-29	CVE-2018-18725	Cross-site Scripting vulnerability in Yunucms 1.1.5 An XSS issue was discovered in admin/banner/editbanner?id=20 in YUNUCMS 1.1.5. network yunucms CWE-79	3.5
2018-10-29	CVE-2018-18724	Cross-site Scripting vulnerability in Yunucms 1.1.5 An XSS issue was discovered in index.php/admin/category/editcategory?id=73 in YUNUCMS 1.1.5. network yunucms CWE-79	3.5
2018-10-29	CVE-2018-18723	Cross-site Scripting vulnerability in Yunucms 1.1.5 An XSS issue was discovered in index.php/admin/area/editarea/id/110000 in YUNUCMS 1.1.5. network yunucms CWE-79	3.5

Vulnerabilities > Yunucms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Yunucms"}]}

Vulnerabilities > Yunucms