Shodan
Vulnerabilities
Vulnerable Software
Eyoucms:  >> Eyoucms  Security Vulnerabilities
CVE-2022-45280
A cross-site scripting (XSS) vulnerability in the Url parameter in /login.php of EyouCMS v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-11-23
CVE-2022-44387
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-11-14
CVE-2022-44389
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. This vulnerability allows attackers to arbitrarily change Administrator account information.
CVSS Score
6.5
EPSS Score
0.0
Published
2022-11-14
CVE-2022-44390
A cross-site scripting (XSS) vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Record Number text field.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-11-14
CVE-2022-43323
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Top Up Balance component under the Edit Member module.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-11-14
CVE-2022-41500
EyouCMS V1.5.9 was discovered to contain multiple Cross-Site Request Forgery (CSRF) vulnerabilities via the Members Center, Editorial Membership, and Points Recharge components.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-10-18
CVE-2022-36225
EyouCMS V1.5.8-UTF8-SP1 is vulnerable to Cross Site Request Forgery (CSRF) via the background, column management function and add.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-08-19
CVE-2022-35509
An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that can allows an attacker to execute arbitrary Web scripts or HTML by injecting a special payload via the title parameter in the foreground contribution, allowing the attacker to obtain sensitive information.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-08-10
CVE-2022-33122
A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page.
CVSS Score
4.8
EPSS Score
0.002
Published
2022-06-24
CVE-2022-26273
EyouCMS v1.5.4 was discovered to lack parameter filtering in \user\controller\shop.php, leading to payment logic vulnerabilities.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-03-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved