CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44387
https://notcve.org/view.php?id=CVE-2022-44387
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Basic Information component under the Edit Member module. Se descubrió que EyouCMS V1.5.9-UTF8-SP1 contenía un vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del componente Información básica en el módulo Editar miembro. • https://github.com/weng-xianhu/eyoucms/issues/29 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44389
https://notcve.org/view.php?id=CVE-2022-44389
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. This vulnerability allows attackers to arbitrarily change Administrator account information. Se descubrió que EyouCMS V1.5.9-UTF8-SP1 contenía una vulnerabilidad de Cross-Site Request Forgery (CSRF) a través del módulo Editar perfil de administrador. Esta vulnerabilidad permite a los atacantes cambiar arbitrariamente la información de la cuenta del administrador. • https://github.com/weng-xianhu/eyoucms/issues/30 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44390
https://notcve.org/view.php?id=CVE-2022-44390
A cross-site scripting (XSS) vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Record Number text field. Una vulnerabilidad de Cross-Site Scripting (XSS) en EyouCMS V1.5.9-UTF8-SP1 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectada en el campo de texto Número de Registro de Seguridad Pública. • https://github.com/weng-xianhu/eyoucms/issues/31 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-43323
https://notcve.org/view.php?id=CVE-2022-43323
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Top Up Balance component under the Edit Member module. Se descubrió que EyouCMS V1.5.9-UTF8-SP1 contenía Cross-Site Request Forgery (CSRF) a través del componente Recarga de saldo en el módulo Editar miembro. • https://github.com/weng-xianhu/eyoucms/issues/28#issue-1410026516 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41500
https://notcve.org/view.php?id=CVE-2022-41500
EyouCMS V1.5.9 was discovered to contain multiple Cross-Site Request Forgery (CSRF) vulnerabilities via the Members Center, Editorial Membership, and Points Recharge components. Se ha detectado que EyouCMS versión V1.5.9, contiene múltiples vulnerabilidades de tipo Cross-Site Request Forgery (CSRF) por medio de los componentes Members Center, Editorial Membership y Points Recharge • https://github.com/weng-xianhu/eyoucms/issues/27#issue-1410014422 • CWE-352: Cross-Site Request Forgery (CSRF) •