ID CVE-2018-9993
Description YUNUCMS 1.0.7 has XSS via the content title on an admin/content/addcontent/cid/## page (aka a news center page).
CVSS
  • Score: 3.5
  • Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
  • Availability: not affected
  • Confidentiality: not affected
  • Integrity: PARTIAL
CWE-ID CWE-79
Last Modified May 16, 2018
Available Solutions No solutions were found

CPE-ID

Application Name/CPE-IDVendorProductVersionList of Vulnerabilities
Yunucms Yunucms 1.0.7 yunucms yunucms 1.0.7 1 Vulnerabilties for Yunucms Yunucms 1.0.7
Similar vulnerabilities

Pre-Condition

<set operator="and">
    <prop key="application" value="cpe:/a:yunucms:yunucms:1.0.7"/>
    <prop key="program_influence" value="input"/>
    <prop key="range" value="remote"/>
</set>

								

Post-Condition

<set operator="and">
    <prop key="target" value="host"/>
  <set operator="or">
      <prop key="program_influence" value="input"/>
      <prop key="program_influence" value="output"/>
      <prop key="program_influence" value="existence"/>
  </set>
    <prop key="data" value="any"/>
  <set operator="or">
      <prop key="data_influence" value="write"/>
      <prop key="data_influence" value="delete"/>
  </set>
  <set operator="or">
      <prop key="range" value="remote"/>
      <prop key="range" value="local"/>
  </set>
</set>