Cxuu: >> Cxuucms >> 3.1 Security Vulnerabilities
SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php.
CVSS Score
7.2
EPSS Score
0.003
Published
2021-08-27
Multiple Cross Site Scripting (XSS) vulnerabilities exists in CXUUCMS 3.1 in the search and c parameters in (1) public/search.php and in the (2) c parameter in admin.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-08-23
CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter of admin.php?c=content&a=add.
CVSS Score
4.8
EPSS Score
0.002
Published
2020-12-26
CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser&a=add.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-12-26