Product:

Cxuucms

(Cxuu)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 8
Date Id Summary Products Score Patch Annotated
2020-11-18 CVE-2020-28091 cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php. Cxuucms 7.5
2020-12-26 CVE-2020-35346 CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter of admin.php?c=content&a=add. Cxuucms 4.8
2020-12-26 CVE-2020-35347 CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser&a=add. Cxuucms 6.5
2020-12-27 CVE-2020-29249 CXUUCMS V3 allows class="layui-input" XSS. Cxuucms 6.1
2020-12-27 CVE-2020-29250 CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php. Cxuucms 6.1
2021-08-23 CVE-2021-39599 Multiple Cross Site Scripting (XSS) vulnerabilities exists in CXUUCMS 3.1 in the search and c parameters in (1) public/search.php and in the (2) c parameter in admin.php. Cxuucms 6.1
2021-08-27 CVE-2021-3264 SQL Injection vulnerability in cxuucms 3.1 ivia the pid parameter in public/admin.php. Cxuucms 7.2
2022-03-29 CVE-2021-42970 Cross Site Scripting (XSS) vulnerability exists in cxuucms v3 via the imgurl of /feedback/post/ content parameter. Cxuucms 6.1