CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39497

eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger blind SSRF via the saveRemote() function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2021-39497

Eyoucms » Eyoucms » Version: 1.5.4

cpe:2.3:a:eyoucms:eyoucms:1.5.4

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved