Trymonoly

**Name of the Vulnerable Software and Affected Versions** Xunruicms versions 4.6.3 and earlier **Description** The issue allows a remote attacker to escalate privileges via a crafted script. This is a result of Cross Site Scripting vulnerabilities. **Recommendations** For Xunruicms versions 4.6.3 and earlier, update to a version later than 4.6.3 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** phpcmsv9 version 9.6.3 **Description** Cross Site Scripting vulnerabilities in phpcmsv9 allow a remote attacker to escalate privileges via a crafted script. **Recommendations** For phpcmsv9 version 9.6.3, update to a version that fixes the Cross Site Scripting vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** phpcmsv9 version 9.6.3 **Description** The issue allows a remote attacker to escalate privileges via the menu interface of the member center of the background administrator. This is a Cross-Site Scripting issue. **Recommendations** For phpcmsv9 version 9.6.3, update to a version that fixes this issue to prevent privilege escalation. As a temporary workaround, consider restricting access to the menu interface of the member center of the background administrator to minimize the risk of exploitation.