Xunruicms: >> Xunruicms >> 3.3.0 Security Vulnerabilities
A cross-site scripting (XSS) vulnerability in XunRuiCMS up to v4.6.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Column Name parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-03-07
Cross-site scripting (XSS) vulnerability in XunRuiCMS versions v4.6.2 and before, allows remote attackers to obtain sensitive information via crafted malicious requests to the background login.
CVSS Score
6.1
EPSS Score
0.005
Published
2024-02-02
xunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php. This vulnerability allows attackers to execute arbitrary code via a crafted GET request.
CVSS Score
9.8
EPSS Score
0.013
Published
2023-09-27
Page 2