RSS   Vulnerabilities for 'Jeecms'   RSS

2021-09-30
 
CVE-2020-20799

CWE-79
 

 
JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter.

 
2018-12-28
 
CVE-2018-20528

CWE-918
 

 
JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter.

 
2018-11-26
 
CVE-2018-19545

CWE-352
 

 
JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user.

 
 
CVE-2018-19544

CWE-352
 

 
JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news.

 
2018-11-05
 
CVE-2018-18952

CWE-79
 

 
JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI.

 

 >>> Vendor: Jeecms 2 Products
Jeecms
Jeecms x


Copyright 2024, cxsecurity.com

 

Back to Top