CVE-2018-12971

EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to delete users...

CVE-2018-12971

EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to delete users...

CVE-2018-12971

EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to delete users...

CVE-2018-10374

EasyCMS 1.3 has XSS via the s POST parameter aka a search box value in an index.php?s=/index/search/index.html request...

CVE-2018-10374

EasyCMS 1.3 has XSS via the s POST parameter aka a search box value in an index.php?s=/index/search/index.html request...

Server side request forgery (ssrf)

EasyCMS 1.3 has XSS via the s POST parameter aka a search box value in an index.php?s=/index/search/index.html request...

CVE-2018-10374

EasyCMS 1.3 has XSS via the s POST parameter aka a search box value in an index.php?s=/index/search/index.html request...