Gougucms - Gougucms CVE

Filtered by vendor Gougucms Subscribe

Filtered by product Gougucms

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-46393	1 Gougucms	1 Gougucms	2024-09-12	N/A	7.5 HIGH
gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet.
CVE-2023-46394	1 Gougucms	1 Gougucms	2024-02-28	N/A	5.4 MEDIUM
A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms v4.08.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the headimgurl parameter.

Vulnerabilities (CVE)