RSS   Vulnerabilities for 'Justvisual'   RSS

2010-04-06
 
CVE-2010-1268

CWE-22
 

 
Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information.

 
2009-10-01
 
CVE-2009-3511

 

 
Multiple PHP remote file inclusion vulnerabilities in justVisual 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the fs_jVroot parameter to (1) sites/site/pages/index.php, (2) sites/test/pages/contact.php, (3) system/pageTemplate.php, and (4) system/utilities.php.

 


Copyright 2019, cxsecurity.com

 

Back to Top