VYPR

Yunucms

by Yunucms

CVEs (13)

  • CVE-2020-18446Aug 12, 2021
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the param parameter in the insertContent function in ContentModel.php.

  • CVE-2020-18445Aug 12, 2021
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via the upurl function in Page.php.

  • CVE-2019-5311Jan 4, 2019
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an XSS vulnerability via the index.php/index/show/index cw parameter.

  • CVE-2018-19180Nov 11, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.01

    statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DB_PREFIX field, which is written to database.php.

  • CVE-2018-19181Nov 11, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.01

    statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file.

  • CVE-2018-18726Oct 28, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    An XSS issue was discovered in admin/sitelink/editsitelink?id=16 in YUNUCMS 1.1.5.

  • CVE-2018-18722Oct 28, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    An XSS issue was discovered in admin/content/editcontent?id=29&gopage=1 in YUNUCMS 1.1.5.

  • CVE-2018-18721Oct 28, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    An XSS issue was discovered in admin/link/editlink?id=5 in YUNUCMS 1.1.5.

  • CVE-2018-18725Oct 28, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    An XSS issue was discovered in admin/banner/editbanner?id=20 in YUNUCMS 1.1.5.

  • CVE-2018-18724Oct 28, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    An XSS issue was discovered in index.php/admin/category/editcategory?id=73 in YUNUCMS 1.1.5.

  • CVE-2018-18720Oct 28, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS 1.1.5.

  • CVE-2018-17322Sep 22, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter.

  • CVE-2018-9993Apr 10, 2018
    Yunucms
    Yunucms
    risk 0.00cvss epss 0.00

    YUNUCMS 1.0.7 has XSS via the content title on an admin/content/addcontent/cid/## page (aka a news center page).