Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The wechat_return function in /controller/Index.php of EyouCms V1.5.4-UTF8-SP3 passes the user's input directly into the simplexml_ load_ String function, which itself does not prohibit external entities, triggering a XML external entity (XXE) injection vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
赞赞网络科技 EyouCms 代码问题漏洞
Vulnerability Description
赞赞网络科技 EyouCms(易优CMS)是中国赞赞网络科技公司的一套基于ThinkPHP的开源内容管理系统(CMS)。 EyouCms V1.5.4-UTF8-SP3存在安全漏洞,该漏洞源于/controller/Index.php中的wechat_return函数将用户的输入直接传递给simplexml_load_String函数,该函数本身并没有禁止外部实体。
CVSS Information
N/A
Vulnerability Type
N/A