5 matches found
CVE-2023-42286
There is a PHP file inclusion vulnerability in the template configuration of eyoucms v1.6.4, allowing attackers to execute code or system commands through a carefully crafted malicious payload...
CVE-2023-48881
A stored cross-site scripting XSS vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field Title field at /login.php?m=admin&c=Field&a=arctypeadd&ajax=1&lang=cn...
CVE-2023-48881
A stored cross-site scripting XSS vulnerability in EyouCMS v1.6.4-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field Title field at /login.php?m=admin&c=Field&a=arctypeadd&ajax=1&lang=cn...
CVE-2023-46935
eyoucms v1.6.4 is vulnerable Cross Site Scripting XSS, which can lead to stealing sensitive information of logged-in users...
CVE-2023-46935
eyoucms v1.6.4 is vulnerable Cross Site Scripting XSS, which can lead to stealing sensitive information of logged-in users...