CVE-2026-5249
- EPSS 0.03%
- Veröffentlicht 01.04.2026 01:30:16
- Zuletzt bearbeitet 01.04.2026 14:23:37
A vulnerability was found in gougucms 4.08.18. This impacts an unknown function of the file \gougucms-master\app\admin\view\user\record.html of the component Record Endpoint. Performing a manipulation of the argument value.content results in cross si...
CVE-2026-5248
- EPSS 0.05%
- Veröffentlicht 01.04.2026 00:45:12
- Zuletzt bearbeitet 01.04.2026 14:23:37
A vulnerability has been found in gougucms 4.08.18. This affects the function reg_submit of the file gougucms-master\app\home\controller\Login.php of the component User Registration Handler. Such manipulation of the argument level leads to dynamicall...
CVE-2025-2366
- EPSS 0.09%
- Veröffentlicht 17.03.2025 07:00:06
- Zuletzt bearbeitet 15.04.2026 00:35:42
A vulnerability, which was classified as problematic, was found in gougucms 4.08.18. This affects the function add of the file /admin/department/add of the component Add Department Page. The manipulation of the argument title leads to cross site scri...
CVE-2023-46393
- EPSS 0.03%
- Veröffentlicht 27.10.2023 14:15:08
- Zuletzt bearbeitet 21.11.2024 08:28:26
gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet.
CVE-2023-46394
- EPSS 0.08%
- Veröffentlicht 27.10.2023 14:15:08
- Zuletzt bearbeitet 21.11.2024 08:28:26
A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms v4.08.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the headimgurl parameter.