Eyoucms: >> Eyoucms >> 1.3.6 Security Vulnerabilities
Cross Site Request Forgery (CSRF) vulnerability exists in EyouCMS 1.3.6 that can add an htm page to execute the js code via login.php?m=admin&c=Filemanager&a=newfile&lang=cn.
CVSS Score
8.8
EPSS Score
0.001
Published
2021-08-19
Cross Site Scripting (XSS) vulnerability exists in EyouCMS1.3.6 in the basic_information area.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-08-19
Cross Site Request Forgery (CSRF) vulnerability exists in Eyoucms 1.3.6 that can add an admin account via /login.php?m=admin&c=Admin&a=admin_add&lang=cn.
CVSS Score
8.8
EPSS Score
0.001
Published
2021-08-18
Cross Site Scripting (XSS) vulnerability exists in Eyoucms v1.4.7 and earlier via the addonfieldext parameter.
CVSS Score
6.1
EPSS Score
0.016
Published
2021-08-18
Page 2