Eyoucms

Eyoucms

75 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2026-1107

Exploit
  • EPSS 0.02%
  • Veröffentlicht 18.01.2026 00:32:06
  • Zuletzt bearbeitet 27.02.2026 03:47:44

A weakness has been identified in EyouCMS up to 1.7.1/5.0. Impacted is the function check_userinfo of the file Diyajax.php of the component Member Avatar Handler. Executing a manipulation of the argument viewfile can lead to unrestricted upload. The ...

8.8

CVE-2025-15375

Exploit
  • EPSS 0.05%
  • Veröffentlicht 31.12.2025 05:02:09
  • Zuletzt bearbeitet 24.02.2026 07:17:08

A flaw has been found in EyouCMS up to 1.7.7. The impacted element is the function unserialize of the file application/api/controller/Ajax.php of the component arcpagelist Handler. Executing a manipulation of the argument attstr can lead to deseriali...

5.4

CVE-2025-15374

Exploit
  • EPSS 0.03%
  • Veröffentlicht 31.12.2025 04:32:08
  • Zuletzt bearbeitet 24.02.2026 07:17:08

A vulnerability was detected in EyouCMS up to 1.7.7. The affected element is an unknown function of the file application/home/model/Ask.php of the component Ask Module. Performing a manipulation of the argument content results in cross site scripting...

4.3

CVE-2025-15373

Exploit
  • EPSS 0.03%
  • Veröffentlicht 31.12.2025 04:02:08
  • Zuletzt bearbeitet 02.01.2026 15:15:58

A security vulnerability has been detected in EyouCMS up to 1.7.7. Impacted is the function saveRemote of the file application/function.php. Such manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exp...

7.2

CVE-2025-15143

Exploit
  • EPSS 0.03%
  • Veröffentlicht 28.12.2025 16:15:51
  • Zuletzt bearbeitet 24.02.2026 07:16:58

A security flaw has been discovered in EyouCMS up to 1.7.6. The affected element is an unknown function of the file /application/admin/logic/FilemanagerLogic.php of the component Backend Template Management. The manipulation of the argument content r...

7.5

CVE-2025-65868

Exploit
  • EPSS 0.16%
  • Veröffentlicht 03.12.2025 00:00:00
  • Zuletzt bearbeitet 16.12.2025 19:13:40

XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.

6.1

CVE-2025-52335

  • EPSS 0.02%
  • Veröffentlicht 14.08.2025 00:00:00
  • Zuletzt bearbeitet 18.08.2025 15:00:05

EyouCMS 1.7.3 is vulnerale to Cross Site Scripting (XSS) in index.php, which can be exploited to obtain sensitive information.

6.1

CVE-2024-52680

Exploit
  • EPSS 0.04%
  • Veröffentlicht 07.08.2025 00:00:00
  • Zuletzt bearbeitet 14.08.2025 20:10:55

EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn.

7.2

CVE-2024-11211

  • EPSS 0.05%
  • Veröffentlicht 14.11.2024 15:15:08
  • Zuletzt bearbeitet 19.11.2024 19:01:51

A vulnerability classified as critical has been found in EyouCMS up to 1.6.7. Affected is an unknown function of the component Website Logo Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The expl...

5.4

CVE-2024-11210

Exploit
  • EPSS 0.08%
  • Veröffentlicht 14.11.2024 15:15:07
  • Zuletzt bearbeitet 19.11.2024 18:42:44

A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the argument activepath leads to path traversal. The atta...