Filtered by vendor Gougucms
Subscriptions
Filtered by product Gougucms
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2366 | 1 Gougucms | 1 Gougucms | 2025-07-13 | 2.4 Low |
| A vulnerability, which was classified as problematic, was found in gougucms 4.08.18. This affects the function add of the file /admin/department/add of the component Add Department Page. The manipulation of the argument title leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-46394 | 1 Gougucms | 1 Gougucms | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms v4.08.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the headimgurl parameter. | ||||
| CVE-2023-46393 | 1 Gougucms | 1 Gougucms | 2024-11-21 | 7.5 High |
| gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet. | ||||
Page 1 of 1.