Yunucms: >> Yunucms >> 1.1.8 Security Vulnerabilities
An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an XSS vulnerability via the index.php/index/show/index cw parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-01-04
YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by site_title in an admin/system/basic POST request.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-01-04