VYPR

Dswjcms

by tifaweb

CVEs (2)

  • CVE-2020-19265MedSep 9, 2021
    risk 0.40cvss 6.1epss 0.01

    A stored cross-site scripting (XSS) vulnerability in the index.php/Dswjcms/Basis/links component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML.

  • CVE-2020-19268MedSep 9, 2021
    risk 0.37cvss 5.7epss 0.00

    A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users.