Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Xunruicms Security Vulnerabilities

cve
cve

CVE-2024-24388

Cross-site scripting (XSS) vulnerability in XunRuiCMS versions v4.6.2 and before, allows remote attackers to obtain sensitive information via crafted malicious requests to the background...

6.1CVSS

6AI Score

0.001EPSS

2024-02-02 10:15 AM
14
cve
cve

CVE-2023-1680

A vulnerability, which was classified as problematic, has been found in Xunrui CMS 4.61. This issue affects some unknown processing of the file /dayrui/My/View/main.html. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the...

7.5CVSS

7.4AI Score

0.001EPSS

2023-03-29 03:15 PM
21
cve
cve

CVE-2023-1683

A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/system_log.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to...

7.5CVSS

7.3AI Score

0.001EPSS

2023-03-29 01:15 AM
15
cve
cve

CVE-2023-1682

A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dayrui/My/Config/Install.txt. The manipulation leads to direct request. The attack can be launched remotely. The exploit has been disclosed to...

7.5CVSS

7.6AI Score

0.001EPSS

2023-03-29 12:15 AM
21
cve
cve

CVE-2023-1681

A vulnerability, which was classified as problematic, was found in Xunrui CMS 4.61. Affected is an unknown function of the file /config/myfield/test.php. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and....

7.5CVSS

7.4AI Score

0.001EPSS

2023-03-28 11:15 PM
21
cve
cve

CVE-2021-38243

xunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php. This vulnerability allows attackers to execute arbitrary code via a crafted GET...

9.8CVSS

9.8AI Score

0.003EPSS

2023-09-27 03:15 PM
40
cve
cve

CVE-2023-49490

XunRuiCMS v4.5.5 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component...

6.1CVSS

6AI Score

0.0005EPSS

2023-12-11 09:15 PM
15
cve
cve

CVE-2022-30037

XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in...

7.2CVSS

7.3AI Score

0.001EPSS

2023-03-23 02:15 AM
20
cve
cve

CVE-2022-36224

XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery...

8.8CVSS

8.6AI Score

0.001EPSS

2022-08-19 05:15 PM
31
6
cve
cve

CVE-2019-17074

An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in the module_category...

5.4CVSS

5.1AI Score

0.001EPSS

2019-10-01 08:15 PM
83