CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-8805

Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protected\apps\default\view\default\extend_guestbook.php or protected\apps\default\view\mobile\extend_guestbook.php in an index.php?r=default/column/index&col=guestbook request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/QQ704568679/YXcms-Code-audit/blob/master/Yxcms%20Code%20audit
https://github.com/QQ704568679/YXcms-Code-audit/blob/master/Yxcms%20Code%20audit

Products affected by CVE-2018-8805

Yxcms » Yxcms » Version: 1.4.7

cpe:2.3:a:yxcms:yxcms:1.4.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8805

Products

Pricing

Contact Us