VYPR
Vendor

Bycms

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2020-18457MedAug 12, 2021
    risk 0.44cvss 6.8epss 0.00

    Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html.

  • CVE-2020-18454MedAug 12, 2021
    risk 0.44cvss 6.8epss 0.00

    Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admin.php/systems/index/module_id/70/group_id/1.html.

  • CVE-2020-18455MedAug 12, 2021
    risk 0.31cvss 4.8epss 0.01

    Cross Site Scripting (XSS) vulnerability exists in bycms v3.0.4 via the title parameter in the edit function in Document.php.