Product
xunruicms
23 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-15144
CVE-2025-14008
CVE-2025-14007
CVE-2025-14006
CVE-2025-14005
CVE-2025-14004
CVE-2025-60445
CVE-2025-2131
CVE-2025-25957
CVE-2025-1186
CVE-2025-1177
CVE-2024-31634
CVE-2024-24389
CVE-2024-24388
CVE-2023-49490
CVE-2021-38243
CVE-2023-1680
CVE-2023-1683
CVE-2023-1682
CVE-2023-1681
CVE-2022-30037
CVE-2022-36224
CVE-2019-17074
<= 4.7.1
A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. The impacted element is the function dr_show_error/dr_exit_msg of
<= 4.7.1
A flaw has been found in dayrui XunRuiCMS up to 4.7.1. This vulnerability affects unknown code of the file admin79f2ec220c7e.php?c
<= 4.7.1
A vulnerability was detected in dayrui XunRuiCMS up to 4.7.1. This affects an unknown part of the file /admin79f2ec220c7e.php?c=ap
<= 4.7.1
A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this issue is some unknown functionality o
<= 4.7.1
A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. Affected by this vulnerability is an unknown functionality of the
<= 4.7.1
A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. Affected is an unknown function of the file /admind45f74adbd9
all versions
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in XunRuiCMS version 4.7.1. The vulnerability exists due to
<= 4.6.3
A vulnerability was found in dayrui XunRuiCMS up to 4.6.3. It has been rated as problematic. This issue affects some unknown proce
<= 4.6.3
Cross Site Scripting vulnerabilities in Xunruicms v.4.6.3 and before allows a remote attacker to escalate privileges via a crafted
<= 4.6.4
A vulnerability was found in dayrui XunRuiCMS up to 4.6.4. It has been declared as critical. This vulnerability affects unknown co
all versions
A vulnerability was found in dayrui XunRuiCMS 4.6.3. It has been classified as critical. Affected is the function import_add of th
<= 4.6.3
Cross Site Scripting (XSS) vulnerability in Xunruicms versions 4.6.3 and before, allows remote attacker to execute arbitrary code
<= 4.6.2
A cross-site scripting (XSS) vulnerability in XunRuiCMS up to v4.6.2 allows attackers to execute arbitrary web scripts or HTML via
<= 4.6.2
Cross-site scripting (XSS) vulnerability in XunRuiCMS versions v4.6.2 and before, allows remote attackers to obtain sensitive info
all versions
XunRuiCMS v4.5.5 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin.php.
<= 4.5.1
xunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php. This vulnerability all
all versions
A vulnerability, which was classified as problematic, has been found in Xunrui CMS 4.61. This issue affects some unknown processin
all versions
A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality o
all versions
A vulnerability has been found in Xunrui CMS 4.61 and classified as problematic. Affected by this vulnerability is an unknown func
all versions
A vulnerability, which was classified as problematic, was found in Xunrui CMS 4.61. Affected is an unknown function of the file /c
>= 4.3.3 and <= 4.5.1
XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code
all versions
XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery (CSRF).
all versions
An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in the module_category area.