CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-39500

Eyoucms 1.5.4 is vulnerable to Directory Traversal. Due to a lack of input data sanitizaton in param tpldir, filename, type, nid an attacker can inject "../" to escape and write file to writeable directories.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/KietNA-HPT/CVE
https://github.com/eyoucms/eyoucms/releases/tag/v1.5.4
https://github.com/KietNA-HPT/CVE
https://github.com/eyoucms/eyoucms/releases/tag/v1.5.4

Products affected by CVE-2021-39500

Eyoucms » Eyoucms » Version: 1.5.4

cpe:2.3:a:eyoucms:eyoucms:1.5.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39500

Products

Pricing

Contact Us