NotCVE - vendor:"Eyoucms" product:"Eyoucms" version:" <= 1.6.2"

Page 9 of 44 results (0.086 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-21930

https://notcve.org/view.php?id=CVE-2020-21930

A stored cross site scripting (XSS) vulnerability in the web_attr_2 field of Eyoucms v1.4.1 allows authenticated attackers to execute arbitrary web scripts or HTML. Una vulnerabilidad de tipo cross site scripting (XSS) almacenado en el campo web_attr_2 de Eyoucms versión v1.4.1, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario • https://github.com/eyoucms/eyoucms/issues/9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-21929

https://notcve.org/view.php?id=CVE-2020-21929

A stored cross site scripting (XSS) vulnerability in the web_copyright field of Eyoucms v1.4.1 allows authenticated attackers to execute arbitrary web scripts or HTML. Una vulnerabilidad de tipo cross site scripting (XSS) almacenado en el campo web_copyright de Eyoucms versión v1.4.1, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario • https://github.com/eyoucms/eyoucms/issues/8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-18129

https://notcve.org/view.php?id=CVE-2020-18129

A CSRF vulnerability in Eyoucms v1.2.7 allows an attacker to add an admin account via login.php. Una vulnerabilidad de tipo CSRF en Eyoucms versión v1.2.7, permite a un atacante agregar una cuenta de administrador por medio del archivo login.php • https://baike.baidu.com/item/CSRF/2735433?fr=aladdin • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-17430

https://notcve.org/view.php?id=CVE-2019-17430

EyouCms through 2019-07-11 has XSS related to the login.php web_recordnum parameter. EyouCms versiones hasta 11-07-2019, presenta una vulnerabilidad de tipo XSS relacionada con el parámetro web_recordnum del archivo login.php. • https://github.com/eyoucms/eyoucms/blob/a809931d8ae0a94584f472cdedabf6f3cf42bd57/core/library/think/template/taglib/eyou/TagGlobal.php#L116-L119 https://github.com/eyoucms/eyoucms/issues/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...7 8 9