Xiaohuanxiong Project: Security Vulnerabilities
Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /app/controller/Books.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-03-28
An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can modify administrator account's password.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-03-23