CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39496

Eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject malicious code into `filename` param to trigger Reflected XSS.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2021-39496

Eyoucms » Eyoucms » Version: 1.5.4

cpe:2.3:a:eyoucms:eyoucms:1.5.4

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved