Filtered by vendor Hyweb
Subscriptions
Filtered by product Hycms-j1
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22849 | 1 Hyweb | 1 Hycms-j1 | 2024-11-21 | 4.6 Medium |
| Hyweb HyCMS-J1 backend editing function does not filter special characters. Users after log-in can inject JavaScript syntax to perform a stored XSS (Stored Cross-site scripting) attack. | ||||
| CVE-2021-22847 | 1 Hyweb | 1 Hycms-j1 | 2024-11-21 | 8.8 High |
| Hyweb HyCMS-J1's API fail to filter POST request parameters. Remote attackers can inject SQL syntax and execute commands without privilege. | ||||
Page 1 of 1.