44 results (0.013 seconds)

CVSS: 6.1EPSS: 2%CPEs: 1EXPL: 1

EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /admin/twitter.php?active_t. Se descubrió que EyouCms v1.6.2 contiene una vulnerabilidad de Cross-Site Scripting (XSS) Reflejada a través del componente /admin/twitter.php?active_t. • https://github.com/emlog/emlog/issues/238 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1

A stored cross-site scripting (XSS) vulnerability in Eyoucms v1.6.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the web_recordnum parameter. Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en Eyoucms v1.6.2 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de una carga útil manipulada inyectada en el parámetro "web_recordnum". • https://github.com/weng-xianhu/eyoucms/issues/43 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

EyouCMS 1.6.2 is vulnerable to Cross Site Scripting (XSS). • https://github.com/weng-xianhu/eyoucms/issues/42 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

A Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows attackers to execute arbitrary commands via a supplying a crafted HTML file to the Upload software format function. • https://github.com/weng-xianhu/eyoucms/issues/41 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

EyouCms V1.6.1-UTF8-sp1 is vulnerable to Cross Site Scripting (XSS). • https://github.com/weng-xianhu/eyoucms/issues/40 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •