Code injection

JTBCPHP 3.0.1.7 has XSS via the console/xml/manage.php?type=action&action=edit content parameter...

JTBC (PHP) Cross-Site Request Forgery Vulnerability (CNVD-2018-26794)

JTBC PHP is an open source CMS Content Management System. A cross-site request forgery vulnerability exists in JTBC PHP version 3.0.1.7. A remote attacker can exploit this vulnerability to perform unauthorized operations with the help of console/xml/manage.php?type=action&action=edit URI...

JTBC(PHP) Cross-Site Request Forgery Vulnerability

JTBC PHP is an open source CMS Content Management System. JTBCPHP 3.0.1.7 version of aboutus/manage.php?type=action&action=add cross-site request forgery vulnerability, remote attackers can use the vulnerability to perform unauthorized operations...

PT-2018-5062 · Processmaker · Processmaker Enterprise Core

Name of the Vulnerable Software and Affected Versions: ProcessMaker Enterprise Core version 3.0.1.7-community Description: The issue allows for SQL Injection attacks through specially crafted web requests. An attacker can exploit this by sending a web request with parameters containing SQL...

CVE-2015-0689

Cisco Cloud Web Security (CWS) prior to version 3.0.1.7 is affected by CVE-2015-0689. The root cause is improper handling of HTTP methods in the connector engine, which allows remote attackers to bypass the product’s filtering protection. The impact is bypass of the intended content filtering (no...