Vulnerabilities > Yzmcms > Yzmcms > 5.3

DATE CVE VULNERABILITY TITLE RISK
2021-09-23 CVE-2020-19949 Cross-site Scripting vulnerability in Yzmcms 5.3
A cross-site scripting (XSS) vulnerability in the /link/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.
network
yzmcms CWE-79
3.5
3.5
2021-09-23 CVE-2020-19950 Cross-site Scripting vulnerability in Yzmcms 5.3
A cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.
network
yzmcms CWE-79
3.5
3.5
2019-09-26 CVE-2019-16532 Injection vulnerability in Yzmcms 5.3
An HTTP Host header injection vulnerability exists in YzmCMS V5.3.
network
yzmcms CWE-74
5.8
5.8
2019-09-21 CVE-2019-16678 Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 5.3
admin/urlrule/add.html in YzmCMS 5.3 allows CSRF with a resultant denial of service by adding a superseding route.
network
yzmcms CWE-352
4.3
4.3