ID CVE-2019-5311
Description An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an XSS vulnerability via the index.php/index/show/index cw parameter.
CVSS
  • Score: 4.3
  • Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
  • Availability: not affected
  • Confidentiality: not affected
  • Integrity: PARTIAL
CWE-ID CWE-79
Last Modified Jan. 10, 2019
Available Solutions No solutions were found

CPE-ID

Application Name/CPE-IDVendorProductVersionList of Vulnerabilities
Yunucms Yunucms 1.1.8 yunucms yunucms 1.1.8 2 Vulnerabilties for Yunucms Yunucms 1.1.8
Similar vulnerabilities

Pre-Condition

<set operator="and">
    <prop key="application" value="cpe:/a:yunucms:yunucms:1.1.8"/>
    <prop key="program_influence" value="input"/>
    <prop key="range" value="remote"/>
</set>

								

Post-Condition

<set operator="and">
    <prop key="target" value="host"/>
  <set operator="or">
      <prop key="program_influence" value="input"/>
      <prop key="program_influence" value="output"/>
      <prop key="program_influence" value="existence"/>
  </set>
    <prop key="data" value="any"/>
  <set operator="or">
      <prop key="data_influence" value="write"/>
      <prop key="data_influence" value="delete"/>
  </set>
  <set operator="or">
      <prop key="range" value="remote"/>
      <prop key="range" value="local"/>
  </set>
</set>