Skip to main content

Xycms

1 CVEs product

Monthly

CVE-2018-14686 MEDIUM POC This Month

system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted add_do.php request, related to add_book.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Xycms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted add_do.php request, related to add_book.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Xycms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy