CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-19157

Cross Site Scripting (CSS) in Wenku CMS v3.4 allows remote attackers to execute arbitrary code via the 'Intro' parameter for the component '/index.php?m=ucenter&a=index'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/TL-swallow/swallow/issues/14
https://github.com/TL-swallow/swallow/issues/14

Products affected by CVE-2020-19157

Wenkucms Project » Wenkucms » Version: 3.4

cpe:2.3:a:wenkucms_project:wenkucms:3.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-19157

Products

Pricing

Contact Us