Vulnerabilities > Yzmcms > Yzmcms > 5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-30 | CVE-2020-19118 | Cross-site Scripting vulnerability in Yzmcms 5.2 Cross Site Scripting (XSS) vulnerabiity in YzmCMS 5.2 via the site_code parameter in admin/index/init.html. | 3.5 |
| 2021-04-30 | CVE-2020-18084 | Cross-site Scripting vulnerability in Yzmcms 5.2 Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injecting commands into the "referer" field of a POST request to the component "/member/index/login.html" when logging in. | 4.3 |
| 2019-03-11 | CVE-2019-9661 | Cross-site Scripting vulnerability in Yzmcms 5.2 Stored XSS exists in YzmCMS 5.2 via the admin/system_manage/user_config_edit.html "value" parameter, | 3.5 |
| 2019-03-11 | CVE-2019-9660 | Cross-site Scripting vulnerability in Yzmcms 5.2 Stored XSS exists in YzmCMS 5.2 via the admin/category/edit.html "catname" parameter. | 3.5 |
| 2018-12-10 | CVE-2018-20015 | Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 5.2 YzmCMS v5.2 has admin/role/add.html CSRF. | 6.8 |
| 2018-12-04 | CVE-2018-19849 | Cross-site Scripting vulnerability in Yzmcms 5.2 An issue was discovered in YzmCMS 5.2. | 3.5 |
| 2018-11-07 | CVE-2018-19092 | Cross-site Scripting vulnerability in Yzmcms 5.2 An issue was discovered in YzmCMS v5.2. | 4.3 |