Xunruicms: >> Xunruicms >> 3.6.4 Security Vulnerabilities
A cross-site scripting (XSS) vulnerability in XunRuiCMS up to v4.6.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Column Name parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-03-07
Cross-site scripting (XSS) vulnerability in XunRuiCMS versions v4.6.2 and before, allows remote attackers to obtain sensitive information via crafted malicious requests to the background login.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-02-02
xunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php. This vulnerability allows attackers to execute arbitrary code via a crafted GET request.
CVSS Score
9.8
EPSS Score
0.042
Published
2023-09-27
Page 2