CVE-2018-10295
ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account.
8.8CVSS
8.7AI Score
0.001EPSS
CVE-2018-16346
ChemCMS 1.0.6 has XSS via the "setting -> website information" field.
4.8CVSS
4.8AI Score