CVE-2025-65868

High CVSS: 7.5

XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.

Vendor

Product

CWE

Yayın Tarihi

2025-12-03 21:15:52

Güncelleme

2025-12-16 19:13:40

Source Identifier

cve@mitre.org

KEV Date Added

CWE-611 Eyoucms HIGH Eyoucms 2025

https://github.com/weng-xianhu/eyoucms/issues/66 https://github.com/weng-xianhu/eyoucms/issues/66

Medium

CVE-2026-1107

A weakness has been identified in EyouCMS up to 1.7.1/5.0. Impacted is the function check_userinfo of the file Diyajax.p…

Medium

CVE-2025-15375

A flaw has been found in EyouCMS up to 1.7.7. The impacted element is the function unserialize of the file application/a…

Medium

CVE-2025-15374

A vulnerability was detected in EyouCMS up to 1.7.7. The affected element is an unknown function of the file application…

Medium

CVE-2025-15373

A security vulnerability has been detected in EyouCMS up to 1.7.7. Impacted is the function saveRemote of the file appli…

Medium

CVE-2025-15143

A security flaw has been discovered in EyouCMS up to 1.7.6. The affected element is an unknown function of the file /app…

Medium

CVE-2025-52335

EyouCMS 1.7.3 is vulnerale to Cross Site Scripting (XSS) in index.php, which can be exploited to obtain sensitive inform…