VYPR
Vendor

Muyucms

Products
2
CVEs
15
Across products
15
Status
Private

Products

2

Recent CVEs

15
  • CVE-2020-21652CriOct 6, 2021
    risk 0.64cvss 9.8epss 0.03

    Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the addqq() method.

  • CVE-2020-21651CriOct 6, 2021
    risk 0.64cvss 9.8epss 0.03

    Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\point.php, which can be exploited via the add() method.

  • CVE-2020-21653CriOct 6, 2021
    risk 0.59cvss 9.1epss 0.01

    Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.

  • CVE-2020-21650HigOct 6, 2021
    risk 0.57cvss 8.8epss 0.03

    Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller\Config.php, which can be exploited via the add() method.

  • CVE-2023-27701HigMar 28, 2023
    risk 0.53cvss 8.1epss 0.01

    MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /database/sqldel.html.

  • CVE-2023-27700HigMar 28, 2023
    risk 0.53cvss 8.1epss 0.01

    MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /accessory/picdel.html.

  • CVE-2020-21649HigOct 6, 2021
    risk 0.53cvss 8.1epss 0.01

    Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.

  • CVE-2025-10787MedSep 22, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in MuYuCMS up to 2.7. Impacted is an unknown function of the file /index/index.html of the component Add Fiend Link Handler. Performing manipulation of the argument Link URL results in server-side request forgery. The attack may be initiated remotely.…

  • CVE-2023-1046MedFeb 26, 2023
    risk 0.41cvss 6.3epss 0.01

    A vulnerability classified as critical has been found in MuYuCMS 2.2. This affects an unknown part of the file /admin.php/update/getFile.html. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit…

  • CVE-2023-1044MedFeb 26, 2023
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in MuYuCMS 2.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /editor/index.php. The manipulation of the argument file_path leads to relative path traversal. The attack can be launched…

  • CVE-2023-1043MedFeb 26, 2023
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an unknown function of the file /editor/index.php. The manipulation of the argument dir_path leads to relative path traversal. It is possible to launch the attack remotely. The exploit…

  • CVE-2023-1002MedFeb 24, 2023
    risk 0.28cvss 4.3epss 0.01

    A vulnerability, which was classified as problematic, has been found in MuYuCMS 2.2. This issue affects some unknown processing of the file index.php. The manipulation of the argument file_path leads to path traversal. The attack may be initiated remotely. The exploit has been…

  • CVE-2025-15589LowFeb 24, 2026
    risk 0.25cvss 3.8epss 0.01

    A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file application/admin/controller/Template.php of the component Template Management Page. This manipulation of the argument temn/tp causes path traversal. It is possible to initiate…

  • CVE-2023-1045LowFeb 26, 2023
    risk 0.25cvss 3.8epss 0.01

    A vulnerability was found in MuYuCMS 2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin.php/accessory/filesdel.html. The manipulation of the argument filedelur leads to relative path traversal. The attack may be…

  • CVE-2025-10993Sep 26, 2025
    risk 0.00cvss epss 0.00

    A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely.