An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can modify administrator account's password.
6.5CVSS
6.4AI Score
0.001EPSS
Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /app/controller/Books.php.
9.8CVSS
9.7AI Score
0.002EPSS