CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Xyhcms Project: >> Xyhcms Security Vulnerabilities

CVE-2018-10127

An issue was discovered in XYHCMS 3.5. It has CSRF via an index.php?g=Manage&m=Rbac&a=addUser request, resulting in addition of an account with the administrator role.

CVSS Score

8.8

EPSS Score

0.001

Published

2018-04-16

CVE-2018-10128

An issue was discovered in XYHCMS 3.5. It has XSS via the test parameter to index.php.

CVSS Score

6.1

EPSS Score

0.002

Published

2018-04-16

Page 1

Vulnerabilities

Vulnerable Software

Xyhcms Project: >> Xyhcms Security Vulnerabilities

Products

Pricing

Contact Us