A cross-site scripting (XSS) vulnerability in the /link/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.
CVSS Score
4.8
EPSS Score
0.003
Published
2021-09-23
A cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.
CVSS Score
4.8
EPSS Score
0.003
Published
2021-09-23
An HTTP Host header injection vulnerability exists in YzmCMS V5.3. A malicious user can poison a web cache or trigger redirections.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-09-26
admin/urlrule/add.html in YzmCMS 5.3 allows CSRF with a resultant denial of service by adding a superseding route.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-09-21