Every CVE whose affected-product data names Cxuu Cxuucms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2020-28091 — CVSS 7.5 (high): cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php.
CVE-2021-39599 — CVSS 6.1 (medium): Multiple Cross Site Scripting (XSS) vulnerabilities exists in CXUUCMS 3.1 in the search and c parameters in (1) public/search.php and in…
CVE-2021-42970 — CVSS 6.1 (medium): Cross Site Scripting (XSS) vulnerability exists in cxuucms v3 via the imgurl of /feedback/post/ content parameter.
CVE-2020-35346 — CVSS 4.8 (medium): CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the…