Cross-site scripting (XSS) vulnerability in YzmCMS thru 7.3 via the referer header in the register page.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-09-23
Cross Site Scripting (XSS) vulnerability in YzmCMS 7.0 allows attackers to run arbitrary code via Ads Management, Carousel Management, and System Settings.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-05-06
An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-02-06
member/index/register.html in YzmCMS 6.5 through 7.0 allows XSS via the Referer HTTP header.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-01-11