Vulnerabilities > Yzmcms > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-14 | CVE-2018-17044 | Cross-site Scripting vulnerability in Yzmcms 5.1 In YzmCMS 5.1, stored XSS exists via the admin/system_manage/user_config_add.html title parameter. | 3.5 |
| 2018-04-11 | CVE-2018-10026 | Cross-site Scripting vulnerability in Yzmcms 3.7.1 The WeChat module in YzmCMS 3.7.1 has reflected XSS via the admin/module/init.html echostr parameter, related to the valid function in application/wechat/controller/index.class.php. | 3.5 |
| 2018-03-13 | CVE-2018-8078 | Cross-site Scripting vulnerability in Yzmcms 3.7 YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html. | 3.5 |