Yzmcms - Yzmcms CVE - OpenCVE

Filtered by vendor Yzmcms Subscriptions

Filtered by product Yzmcms Subscriptions

Total 43 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-39174	1 Yzmcms	1 Yzmcms	2024-08-02	6.1 Medium
A cross-site scripting (XSS) vulnerability in the Publish Article function of yzmcms v7.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a published article.
CVE-2024-28725	1 Yzmcms	1 Yzmcms	2024-08-02	7.1 High
Cross Site Scripting (XSS) vulnerability in YzmCMS 7.0 allows attackers to run arbitrary code via Ads Management, Carousel Management, and System Settings.
CVE-2024-24291	1 Yzmcms	1 Yzmcms	2024-08-01	6.1 Medium
An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL.

« first previous Page 3 of 3.