← Back

Bycms Project

bycms_project

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Bycms
bycms
3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-18457
1Bycms Project
1Bycms
Jun 17, 2026
Aug 12, 2021
N/A· v4
6.8 MEDIUM· v3
6.0 MEDIUM· v2
Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html.
CVE-2020-18455
1Bycms Project
1Bycms
Jun 17, 2026
Aug 12, 2021
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
Cross Site Scripting (XSS) vulnerability exists in bycms v3.0.4 via the title parameter in the edit function in Document.php.
CVE-2020-18454
1Bycms Project
1Bycms
Jun 17, 2026
Aug 12, 2021
N/A· v4
6.8 MEDIUM· v3
6.0 MEDIUM· v2
Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admin.php/systems/index/module_id/70/group_id/1.html.