Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-18457 | 1 Bycms Project | 1 Bycms | 2024-11-21 | 6.0 MEDIUM | 6.8 MEDIUM |
Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html. | |||||
CVE-2020-18455 | 1 Bycms Project | 1 Bycms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
Cross Site Scripting (XSS) vulnerability exists in bycms v3.0.4 via the title parameter in the edit function in Document.php. | |||||
CVE-2020-18454 | 1 Bycms Project | 1 Bycms | 2024-11-21 | 6.0 MEDIUM | 6.8 MEDIUM |
Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admin.php/systems/index/module_id/70/group_id/1.html. |