10 matches found
CVE-2018-9993
YUNUCMS 1.0.7 has XSS via the content title on an admin/content/addcontent/cid/ page aka a news center page...
CVE-2018-19180
statics/app/index/controller/Install.php in YUNUCMS 1.1.5 if install.lock is not present allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DBPREFIX field, which is written to database.php...
EUVD-2019-14915
Malware in sbrugna...
EUVD-2018-10891
Malware in sbrugna...
CVE-2020-18446
Cross Site Scripting XSS vulnerability exists in YUNUCMS 1.1.9 via the param parameter in the insertContent function in ContentModel.php...
CVE-2019-5310
YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by sitetitle in an admin/system/basic POST request...
CVE-2018-17322
Cross-site scripting XSS vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter...
Zhenjiang Yunyu Network Technology Co., Ltd. YUNUCMS exists sql injection vulnerability
CloudYou CMS is a free + open source urban substation content management system based on TP5.0 framework as the core development. Zhenjiang Yunyu Network Technology Co., Ltd. YUNUCMS there is a sql injection vulnerability, attackers can use the vulnerability to obtain database sensitive informati...
Code Execution Vulnerability in YUNUCMS v1.1.1 S***.php Page
YUNUCMS enterprise website management system YUNUCMS is a set of professional marketing enterprise building system based on PHP + MYSQL as the core development. A code execution vulnerability exists in the S.php page of YUNUCMS v1.1.1. An attacker can exploit the vulnerability to execute arbitrar...
Code Execution Vulnerability in YUNUCMS v1.1.1
YUNUCMS enterprise website management system YUNUCMS is a set of professional marketing enterprise building system based on PHP + MYSQL as the core development. Code execution vulnerability exists in YUNUCMS v1.1.1. An attacker can exploit the vulnerability to execute arbitrary code and gain...