Gougucms - Gougucms CVE

Filtered by vendor Gougucms Subscribe

Filtered by product Gougucms

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-46394	1 Gougucms	1 Gougucms	2024-11-21	N/A	5.4 MEDIUM
A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms v4.08.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the headimgurl parameter.
CVE-2023-46393	1 Gougucms	1 Gougucms	2024-11-21	N/A	7.5 HIGH
gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet.

Vulnerabilities (CVE)