9 matches found
EUVD-2018-2206
Malware in sbrugna...
CVE-2018-10128
An issue was discovered in XYHCMS 3.5. It has XSS via the test parameter to index.php...
Cross site request forgery (csrf)
xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account...
CVE-2018-14583
xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account...
CVE-2018-10128
An issue was discovered in XYHCMS 3.5. It has XSS via the test parameter to index.php...
Cross site request forgery (csrf)
An issue was discovered in XYHCMS 3.5. It has CSRF via an index.php?g=Manage&m=Rbac&a=addUser request, resulting in addition of an account with the administrator role...
Design/Logic Flaw
An issue was discovered in XYHCMS 3.5. It has XSS via the test parameter to index.php...
CVE-2018-10127
An issue was discovered in XYHCMS 3.5. It has CSRF via an index.php?g=Manage&m=Rbac&a=addUser request, resulting in addition of an account with the administrator role...
CVE-2018-10128
An issue was discovered in XYHCMS 3.5. It has XSS via the test parameter to index.php...