RSS   Vulnerabilities for 'JCMS'   RSS

2020-07-17
 
CVE-2020-15497

CWE-79
 

 
jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter.

 
2019-11-21
 
CVE-2019-19033

CWE-287
 

 
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.

 


Copyright 2024, cxsecurity.com

 

Back to Top