4 matches found
CVE-2020-20642
Cross Site Request Forgery CSRF vulnerability exists in EyouCMS 1.3.6 that can add an htm page to execute the js code via login.php?m=admin=Filemanager=newfile⟨=cn...
CVE-2020-20642
Cross Site Request Forgery CSRF vulnerability exists in EyouCMS 1.3.6 that can add an htm page to execute the js code via login.php?m=admin&c=Filemanager&a=newfile&lang=cn...
CVE-2020-20642
Cross Site Request Forgery CSRF vulnerability exists in EyouCMS 1.3.6 that can add an htm page to execute the js code via login.php?m=admin&c=Filemanager&a=newfile&lang=cn...
CVE-2020-20642
CVE-2020-20642: CSRF vulnerability in EyouCMS 1.3.6 allows adding an HTML page to execute JavaScript via login.php?m=admin&c=Filemanager&a=newfile&lang=cn. Affected product is EyouCMS (ThinkPHP-based). Root cause: cross-site request forgery enabling unauthorized page creation; exact exploit path ...