CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-23031
https://notcve.org/view.php?id=CVE-2024-23031
Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. Una vulnerabilidad de cross site scripting (XSS) en el parámetro is_water en eyoucms v.1.6.5 permite a un atacante remoto ejecutar código arbitrario a través de una URL manipulada. • https://github.com/weng-xianhu/eyoucms/issues/57 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 11%CPEs: 1EXPL: 1CVE-2024-22927
https://notcve.org/view.php?id=CVE-2024-22927
Cross Site Scripting (XSS) vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. Una vulnerabilidad de cross site scripting (XSS) en el parámetro func en eyoucms v.1.6.5 permite a un atacante remoto ejecutar código arbitrario a través de una URL manipulada. • https://github.com/weng-xianhu/eyoucms/issues/57 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-23033
https://notcve.org/view.php?id=CVE-2024-23033
Cross Site Scripting vulnerability in the path parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. Una vulnerabilidad de cross site scripting en el parámetro path en eyoucms v.1.6.5 permite a un atacante remoto ejecutar código arbitrario a través de una URL manipulada. • https://github.com/weng-xianhu/eyoucms/issues/57 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-23034
https://notcve.org/view.php?id=CVE-2024-23034
Cross Site Scripting vulnerability in the input parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. Una vulnerabilidad de cross site scripting en el parámetro input en eyoucms v.1.6.5 permite a un atacante remoto ejecutar código arbitrario a través de una URL manipulada. • https://github.com/weng-xianhu/eyoucms/issues/57 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-23032
https://notcve.org/view.php?id=CVE-2024-23032
Cross Site Scripting vulnerability in num parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. Vulnerabilidad de cross site scripting en el parámetro num en eyoucms v.1.6.5 permite a un atacante remoto ejecutar código arbitrario a través de una URL manipulada. • https://github.com/weng-xianhu/eyoucms/issues/57 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •