Dswjcms Project: >> Dswjcms >> 1.6.4 Security Vulnerabilities
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-09-09
A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-09-09
An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS Score
9.8
EPSS Score
0.009
Published
2021-09-09
A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users.
CVSS Score
5.7
EPSS Score
0.001
Published
2021-09-09