Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2020-21656
- EPSS 0.19%
- Published 06.10.2021 22:15:07
- Last modified 21.11.2024 05:12:45
XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability in the component xyhai.php?s=/Link/index.
4.5
CVE-2020-20586
- EPSS 0.14%
- Published 08.07.2021 16:15:08
- Last modified 21.11.2024 05:12:08
A cross site request forgery (CSRF) vulnerability in the /xyhai.php?s=/Auth/editUser URI of XYHCMS V3.6 allows attackers to edit any information of the administrator such as the name, e-mail, and password.
8.8
CVE-2018-14583
- EPSS 0.15%
- Published 24.07.2018 16:29:00
- Last modified 21.11.2024 03:49:21
xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account.
1