15 matches found
CVE-2023-36093
There is a storage type cross site scripting XSS vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3...
CVE-2023-37645
eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custommodelpath/recruit.filelist.txt...
Information disclosure
eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custommodelpath/recruit.filelist.txt...
CVE-2023-37645
eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custommodelpath/recruit.filelist.txt...
CVE-2023-37645
eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custommodelpath/recruit.filelist.txt...
CVE-2023-37645
Summary : CVE-2023-37645 affects EyouCMS v1.6.3, with an information disclosure vulnerability exposed via the component /custom_model_path/recruit.filelist.txt. Affects : EyouCMS 1.6.3 (no other versions confirmed in the provided documents). Root cause : Information leakage through the specified ...
CVE-2023-37136
A stored cross-site scripting XSS vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the Basic Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37136
A stored cross-site scripting XSS vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37136
A stored cross-site scripting XSS vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37133
A stored cross-site scripting XSS vulnerability in the Column management module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37135
CVE-2023-37135 is a stored cross-site scripting (XSS) vulnerability in the Image Upload module of eyoucms v1.6.3. A crafted payload can cause arbitrary web scripts/HTML to execute in a user context. Affected component: Image Upload in eyoucms 1.6.3. Root cause: stored XSS (no deeper technical det...
CVE-2023-36093
There is a storage type cross site scripting XSS vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3...
CVE-2023-36093
There is a storage type cross site scripting XSS vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3...
CVE-2023-36093
CVE-2023-36093 affects EyouCMS v1.6.3 on the backend Basic Information page, with a stored XSS vulnerability in the filing number. The NVD metrics indicate CVSS v3.1 base score 5.4 (Medium), network attack vector, low attack complexity, privileges required: low, user interaction required, scope c...