Filtered by vendor Eyoucms
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26279 | 1 Eyoucms | 1 Eyoucms | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| EyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata. | |||||
| CVE-2020-24000 | 1 Eyoucms | 1 Eyoucms | 2021-11-04 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection vulnerability in eyoucms cms v1.4.7, allows attackers to execute arbitrary code and disclose sensitive information, via the tid parameter to index.php. | |||||
| CVE-2021-39497 | 1 Eyoucms | 1 Eyoucms | 2021-09-14 | 7.5 HIGH | 9.8 CRITICAL |
| eyoucms 1.5.4 lacks sanitization of input data, allowing an attacker to inject a url to trigger blind SSRF via the saveRemote() function. | |||||