Lucene search
Hyweb Security Vulnerabilities
cve
Hyweb HyCMS-J1 backend editing function does not filter special characters. Users after log-in can inject JavaScript syntax to perform a stored XSS (Stored Cross-site scripting)...
5.4CVSS
5.2AI Score
0.001EPSS
2021-01-22 09:15 AM
33
2
cve
Hyweb HyCMS-J1's API fail to filter POST request parameters. Remote attackers can inject SQL syntax and execute commands without...
8.8CVSS
9.1AI Score
0.004EPSS
2021-01-22 09:15 AM
38
3