CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

754 matches found

EyouCMS 1.5.4 Open Redirect

EyouCMS 1.5.4 is vulnerable to an Open Redirect vulnerability. An attacker can redirect a user to a malicious url via the Logout function. id: CVE-2021-39501 info: name: EyouCMS 1.5.4 Open Redirect author: 0xAkoko severity: medium description: EyouCMS 1.5.4 is vulnerable to an Open Redirect...

6.1CVSS6.4AI score0.31906EPSS

Exploits1References5

Nuclei•added yesterday•31 views

EyouCms v1.6.3 - Information Disclosure

EyouCms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custommodelpath/recruit.filelist.txt. id: CVE-2023-37645 info: name: EyouCms v1.6.3 - Information Disclosure author: pussycat0x severity: medium description: | EyouCms v1.6.3 was discovered to...

5.3CVSS6AI score0.47838EPSS

Exploits1References1

Nuclei•added yesterday•16 views

EyouCms v1.6.2 - Cross-Site Scripting

EyouCms v1.6.2 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /admin/twitter.php?activet. id: CVE-2023-41597 info: name: EyouCms v1.6.2 - Cross-Site Scripting author: ritikchaddha severity: medium description: | EyouCms v1.6.2 was discovered to...

6.1CVSS6.2AI score0.11489EPSS

Exploits1

Nuclei•added yesterday•43 views

eyoucms v.1.6.5 - Cross-Site Scripting

Cross Site Scripting XSS vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. id: CVE-2024-22927 info: name: eyoucms v.1.6.5 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Cross Site Scripting XSS...

6.1CVSS6.7AI score0.17866EPSS

Exploits1References2

SUSE CVE•added 2026/05/26 2:1 a.m.•6 views

SUSE CVE-2023-2058

A vulnerability was found in EyouCms up to 1.6.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /yxcms/index.php?r=admin/extendfield/mesedit&tabid=12&id=4 of the component HTTP POST Request Handler. The manipulation of the argument...

6.1CVSS3.8AI score0.00355EPSS

Exploits1References4

NVD•added 2026/04/29 4:16 p.m.•0 views

CVE-2026-7389

A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The manipulation of the argument sortasc leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly an...

7.5CVSS0.0004EPSS

Exploits0References4

NVD•added 2026/04/29 4:16 p.m.•1 views

CVE-2026-7388

A weakness has been identified in EyouCMS up to 1.7.9. Impacted is the function editFile of the file application/admin/logic/FilemanagerLogic.php of the component Template File Handler. Executing a manipulation can lead to code injection. The attack can be launched remotely. The exploit has been...

5.8CVSS0.00057EPSS

Exploits0References4

Cvelist•added 2026/04/29 3:30 p.m.•21 views

CVE-2026-7389 EyouCMS common.php GetSortData sql injection

7.5CVSS0.0004EPSS

Exploits0References4

EUVD•added 2026/04/29 3:30 p.m.•2 views

EUVD-2026-26252

7.5CVSS7.1AI score0.0004EPSS

Exploits0References4

ATTACKERKB•added 2026/04/29 3:30 p.m.•1 views

CVE-2026-7389

7.5CVSS7.1AI score0.0004EPSS

Exploits0References4

Vulnrichment•added 2026/04/29 3:30 p.m.•0 views

CVE-2026-7389 EyouCMS common.php GetSortData sql injection

7.5CVSS7.1AI score0.0004EPSS

Exploits0References4

CVE•added 2026/04/29 3:30 p.m.•3 views

CVE-2026-7389

EyouCMS (up to 1.7.9) is affected by a SQL injection in GetSortData (application/common.php) caused by manipulating the sort_asc argument. The vulnerability can be triggered remotely and its exploit has been publicly disclosed; the project owner was informed via issue reports but has not responde...

7.5CVSS7.2AI score0.0004EPSS

Exploits0References4

CVE•added 2026/04/29 3:15 p.m.•6 views

CVE-2026-7388

CVE-2026-7388 affects EyouCMS up to version 1.7.9, specifically the Template File Handler’s FilemanagerLogic.php editFile function. The weakness enables code injection via remote manipulation of the editFile workflow. Public exploit appears available and the vendor has not publicly responded to t...

5.8CVSS5.1AI score0.00057EPSS

Exploits0References4

Vulnrichment•added 2026/04/29 3:15 p.m.•0 views

CVE-2026-7388 EyouCMS Template File FilemanagerLogic.php editFile code injection

5.8CVSS4.9AI score0.00057EPSS

Exploits0References4

ATTACKERKB•added 2026/04/29 3:15 p.m.•2 views

CVE-2026-7388

5.8CVSS4.9AI score0.00057EPSS

Exploits0References4

EUVD•added 2026/04/29 3:15 p.m.•2 views

EUVD-2026-26251

5.8CVSS5AI score0.00057EPSS

Exploits0References4

Cvelist•added 2026/04/29 3:15 p.m.•27 views

CVE-2026-7388 EyouCMS Template File FilemanagerLogic.php editFile code injection

5.8CVSS0.00057EPSS

Exploits0References4

CNNVD•added 2026/04/29 12:0 a.m.•3 views

EyouCMS 注入漏洞

EyouCMS is an open-source content management system CMS developed by Eyou Corporation in China, based on ThinkPHP. EyouCMS versions 1.7.9 and earlier have a vulnerability related to injection attacks. This vulnerability arises from improper handling of the sortasc parameter in the GetSortData...

7.5CVSS7.2AI score0.0004EPSS

Exploits0References1

CNNVD•added 2026/04/29 12:0 a.m.•3 views

EyouCMS 注入漏洞

5.8CVSS5.9AI score0.00057EPSS

Exploits0References1

Positive Technologies•added 2026/04/29 12:0 a.m.•2 views

PT-2026-35953

A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The manipulation of the argument sort asc leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly a...

7.5CVSS7.1AI score0.0004EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by