yux1azhengye/mycve

yux1azhengye/mycve

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

some of my bugs

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-43233 ↗	Sep 27, 2023Wednesday, 27 September 2023, 23:15	6.1 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the cms/content/edit component of YZNCMS v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter.
CVE-2023-43856 ↗	Sep 27, 2023Wednesday, 27 September 2023, 15:19	7.5 HIGH	—
Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java.
CVE-2023-43232 ↗	Sep 27, 2023Wednesday, 27 September 2023, 15:19	5.4 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the Website column management function of DedeBIZ v6.2.11 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter.
CVE-2023-43234 ↗	Sep 27, 2023Wednesday, 27 September 2023, 15:19	9.8 CRITICAL	—
DedeBIZ v6.2.11 was discovered to contain multiple remote code execution (RCE) vulnerabilities at /admin/file_manage_control.php via the $activepath and $filename parameters.