CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37135
https://notcve.org/view.php?id=CVE-2023-37135
A stored cross-site scripting (XSS) vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. • https://github.com/weng-xianhu/eyoucms/issues/48 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-37133
https://notcve.org/view.php?id=CVE-2023-37133
A stored cross-site scripting (XSS) vulnerability in the Column management module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. • https://github.com/weng-xianhu/eyoucms/issues/46 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36093
https://notcve.org/view.php?id=CVE-2023-36093
There is a storage type cross site scripting (XSS) vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3 • https://github.com/weng-xianhu/eyoucms/issues/44 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-34657
https://notcve.org/view.php?id=CVE-2023-34657
A stored cross-site scripting (XSS) vulnerability in Eyoucms v1.6.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the web_recordnum parameter. Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en Eyoucms v1.6.2 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de una carga útil manipulada inyectada en el parámetro "web_recordnum". • https://github.com/weng-xianhu/eyoucms/issues/43 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-33492
https://notcve.org/view.php?id=CVE-2023-33492
EyouCMS 1.6.2 is vulnerable to Cross Site Scripting (XSS). • https://github.com/weng-xianhu/eyoucms/issues/42 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •