Eyoucms: >> Eyoucms >> 1.5.9 Security Vulnerabilities
EyouCMS <= 1.6.0 was discovered a reflected-XSS in the article attribute editor component in POST value "value" if the value contains a non-integer char.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-01-20
EyouCMS <= 1.6.0 was discovered a reflected-XSS in the FileManager component in GET parameter "filename" when editing any file.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-01-20
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-11-14
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. This vulnerability allows attackers to arbitrarily change Administrator account information.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-11-14
A cross-site scripting (XSS) vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Record Number text field.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-11-14
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Top Up Balance component under the Edit Member module.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-11-14
EyouCMS V1.5.9 was discovered to contain multiple Cross-Site Request Forgery (CSRF) vulnerabilities via the Members Center, Editorial Membership, and Points Recharge components.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-10-18
Page 2