Cxuucms Security Vulnerabilities and Issues — Cxuucms CVE List

Lucene search

CxuuCxuucms

5 matches found

CVE•added 2020/12/26 4:15 a.m.•80 views

CVE-2020-35347

CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser&a=add.

6.5CVSS6.5AI score0.00117EPSS

CVE•added 2020/12/26 4:15 a.m.•75 views

CVE-2020-35346

CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter of admin.php?c=content&a=add.

4.8CVSS4.9AI score0.00176EPSS

CVE•added 2020/12/27 7:15 a.m.•67 views

CVE-2020-29249

CXUUCMS V3 allows class="layui-input" XSS.

6.1CVSS6.3AI score0.0024EPSS

CVE•added 2020/12/27 7:15 a.m.•66 views

CVE-2020-29250

CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php.

6.1CVSS5.9AI score0.0024EPSS

CVE•added 2020/11/18 5:15 p.m.•52 views

CVE-2020-28091

cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php.

7.5CVSS7.8AI score0.03584EPSS