Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2018-12971

Disclosure Date: June 29, 2018 (last updated November 26, 2024)
EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to delete users.
0
0
Attacker Value
Unknown

CVE-2018-10527

Disclosure Date: April 28, 2018 (last updated November 26, 2024)
EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields are affected: title, keyword, abstract, and content, as demonstrated by the /admin/index/index.html#listarticle URI.
0
0
Attacker Value
Unknown

CVE-2018-10374

Disclosure Date: April 25, 2018 (last updated November 26, 2024)
EasyCMS 1.3 has XSS via the s POST parameter (aka a search box value) in an index.php?s=/index/search/index.html request.
0
0