Pwncyn

**Name of the Vulnerable Software and Affected Versions** PwnCYN YXBOOKCMS version 1.0.2 **Description** A Cross Site Scripting (XSS) issue allows a remote attacker to execute arbitrary code via the reader management and book input modules. **Recommendations** For version 1.0.2, update to a newer version that contains a fix for this issue, if available. As a temporary workaround, consider restricting access to the reader management and book input modules to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PwnCYN YXBOOKCMS version 1.0.2 **Description** A Cross Site Scripting (XSS) issue allows an attacker to execute arbitrary code via the library name function in the general settings component. This can be exploited by a physically proximate attacker. **Recommendations** For PwnCYN YXBOOKCMS version 1.0.2, consider disabling the library name function in the general settings component as a temporary workaround until a patch is available. Restrict access to the general settings component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FanCMS version 1.0.0 **Description** A Cross Site Scripting issue allows an attacker to execute arbitrary code via the `content1` parameter in the "demo.php" file. **Recommendations** For FanCMS version 1.0.0, avoid using the `content1` parameter in the demo.php file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** WenwenaiCMS version 1.0 **Description** The issue allows a remote attacker to escalate privileges due to insecure permissions. **Recommendations** For WenwenaiCMS version 1.0, update to a version that addresses the insecure permissions issue.