CVE-2026-13569 | weng-xianhu EyouCMS up to 1.7.1 API /index.php click_like sql injection (Issue 68)

Inserito da Angelo Barbosa | Giu 28, 2026 | CVE

A vulnerability was found in weng-xianhu EyouCMS up to 1.7.1. It has been declared as critical. This issue affects some unknown processing of the file /index.php of the component API. Such manipulation of the argument click_like leads to sql injection.

This vulnerability is documented as CVE-2026-13569. The attack can be executed remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-13569 | weng-xianhu EyouCMS up to 1.7.1 API /index.php click_like sql injection (Issue 68)

Post correlati

CVE-2022-4536 | IP Vault Plugin up to 1.1 on WordPress protection mechanism

CVE-2026-40385 | libexif up to 0.6.25 Nikon MakerNote integer overflow

CVE-2025-59096 | Dormakaba Kaba exos 9300 U9ExosAdmin.exe hard-coded credentials

CVE-2026-7009 | cURL up to 8.19.0 OCSP Stapling certificate validation (51905671e07f087e28e57)