Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the param parameter in the insertContent function in...
4.8CVSS
6.3AI Score
0.001EPSS
Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the upurl function in...
6.1CVSS
6.3AI Score
0.001EPSS
An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an XSS vulnerability via the index.php/index/show/index cw...
6.1CVSS
6.5AI Score
0.001EPSS
YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by site_title in an admin/system/basic POST...
6.1CVSS
6.4AI Score
0.001EPSS
statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DB_PREFIX field, which is written to...
9.8CVSS
8.3AI Score
0.014EPSS
statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock...
7.5CVSS
7.4AI Score
0.001EPSS
4.8CVSS
6.4AI Score
0.001EPSS
An XSS issue was discovered in index.php/admin/area/editarea/id/110000 in YUNUCMS...
4.8CVSS
6.4AI Score
0.001EPSS
An XSS issue was discovered in index.php/admin/category/editcategory?id=73 in YUNUCMS...
4.8CVSS
6.4AI Score
0.001EPSS
4.8CVSS
6.4AI Score
0.001EPSS
4.8CVSS
6.4AI Score
0.001EPSS
An XSS issue was discovered in admin/content/editcontent?id=29&gopage=1 in YUNUCMS...
4.8CVSS
6.4AI Score
0.001EPSS
4.8CVSS
6.4AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area...
6.1CVSS
6.3AI Score
0.001EPSS
YUNUCMS 1.0.7 has XSS via the content title on an admin/content/addcontent/cid/## page (aka a news center...
4.8CVSS
6.2AI Score
0.001EPSS