Yzmcms
by Yzmcms
Source repositories
CVEs (45)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-9660 | 0.00 | — | 0.01 | Mar 11, 2019 | Stored XSS exists in YzmCMS 5.2 via the admin/category/edit.html "catname" parameter. | |||
| CVE-2019-9570 | 0.00 | — | 0.01 | Mar 5, 2019 | An issue was discovered in YzmCMS 5.2.0. It has XSS via the bottom text field to the admin/system_manage/save.html URI, related to the site_code parameter. | |||
| CVE-2018-20015 | 0.00 | — | 0.01 | Dec 10, 2018 | YzmCMS v5.2 has admin/role/add.html CSRF. | |||
| CVE-2018-19849 | 0.00 | — | 0.00 | Dec 4, 2018 | An issue was discovered in YzmCMS 5.2. XSS exists via the admin/content/search.html searinfo parameter. | |||
| CVE-2018-19092 | 0.00 | — | 0.01 | Nov 7, 2018 | An issue was discovered in YzmCMS v5.2. It has XSS via a search/index/archives/pubtime/ query string, as demonstrated by the search/index/archives/pubtime/1526387722/page/1.html URI. NOTE: this does not obtain a user's cookie. |
- CVE-2019-9660Mar 11, 2019risk 0.00cvss —epss 0.01
Stored XSS exists in YzmCMS 5.2 via the admin/category/edit.html "catname" parameter.
- CVE-2019-9570Mar 5, 2019risk 0.00cvss —epss 0.01
An issue was discovered in YzmCMS 5.2.0. It has XSS via the bottom text field to the admin/system_manage/save.html URI, related to the site_code parameter.
- CVE-2018-20015Dec 10, 2018risk 0.00cvss —epss 0.01
YzmCMS v5.2 has admin/role/add.html CSRF.
- CVE-2018-19849Dec 4, 2018risk 0.00cvss —epss 0.00
An issue was discovered in YzmCMS 5.2. XSS exists via the admin/content/search.html searinfo parameter.
- CVE-2018-19092Nov 7, 2018risk 0.00cvss —epss 0.01
An issue was discovered in YzmCMS v5.2. It has XSS via a search/index/archives/pubtime/ query string, as demonstrated by the search/index/archives/pubtime/1526387722/page/1.html URI. NOTE: this does not obtain a user's cookie.
Page 3 of 3