CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Easycms: >> Easycms >> 1.5 Security Vulnerabilities

CVE-2019-6294

An issue was discovered in EasyCMS 1.5. There is CSRF via the index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI.

CVSS Score

8.8

EPSS Score

0.001

Published

2019-01-15

CVE-2018-17113

App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf in EasyCMS 1.5 has XSS via the uploadifyID or movieName parameter, a related issue to CVE-2018-9173.

CVSS Score

6.1

EPSS Score

0.002

Published

2018-09-17

CVE-2018-16773

EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent content field.

CVSS Score

4.8

EPSS Score

0.002

Published

2018-09-10

CVE-2018-16345

An issue was discovered in EasyCMS 1.5. There is a CSRF vulnerability that can update the admin password via index.php?s=/admin/rbacuser/update/navTabId/listusers/callbackType/closeCurrent.

CVSS Score

8.8

EPSS Score

0.001

Published

2018-09-02

Page 1

Vulnerabilities

Vulnerable Software

Easycms: >> Easycms >> 1.5 Security Vulnerabilities

Products

Pricing

Contact Us