Lucene search
K

95 matches found

CVE
CVE
added 2021/09/30 9:39 p.m.34 views

CVE-2020-20799

The provided connected documents confirm a stored cross-site scripting (XSS) vulnerability in JeeCMS 1.0.1, allowing an attacker to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter. The CVE description consistently describes this issue as JeeCMS 1.0.1’s lac...

5.4CVSS5.2AI score0.00487EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/09/30 9:39 p.m.35 views

CVE-2020-20799

JeeCMS 1.0.1 contains a stored cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter...

5.3AI score0.00487EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/09/30 12:0 a.m.5 views

JeeCMS 跨站脚本漏洞

Jeecms is a content management system CMS developed in Java by China's Jinlei Technology Development Jeecms Company. A cross-site scripting vulnerability exists in JeeCMS version 1.0, which stems from the software's lack of effective filtering and validation of the commentText parameter. This...

5.4CVSS5.8AI score0.00487EPSS
Exploits1References1
CNVD
CNVD
added 2021/08/10 12:0 a.m.10 views

Jeecms background exists arbitrary file download vulnerability

jeecms is a content management system developed by Jiangxi Jinlei Technology Development Co., Ltd. that supports WeChat applets, WeChat public/service numbers, column models, content model cross-customization, and content e-commerce with payment and financial settlement. jeecms background exists...

4.4AI score
Exploits0
CNVD
CNVD
added 2020/07/16 12:0 a.m.1 views

Stored Cross-Site Scripting Vulnerability in jeecms

jeecms is Jiangxi Jinlei Technology Development Co., Ltd. developed a support for WeChat small program, WeChat public number / service number, column model, content model cross-customization, as well as with payment and financial settlement of the content of the e-commerce as one of the content...

6.1AI score
Exploits0
CNVD
CNVD
added 2020/01/03 12:0 a.m.2 views

XSS vulnerability in jeecms

jeecms is Jiangxi Jinlei Technology Development Co., Ltd. developed a support for WeChat small program, WeChat public number / service number, column model, content model cross-customization, as well as with payment and financial settlement of the content of the e-commerce as one of the content...

6.4AI score
Exploits0
CNVD
CNVD
added 2019/12/18 12:0 a.m.1 views

File Upload Vulnerability in Jeecms v9.3 Backend

JEECMS is Jiangxi Jinlei Technology Development Co., Ltd. developed a support for WeChat small program, WeChat public number / service number, column model, content model cross-customization, as well as with the payment and financial settlement of the content of the e-commerce as one of the conte...

7AI score
Exploits0
CNVD
CNVD
added 2019/03/15 12:0 a.m.2 views

jeecms JSPGOU single-store version v6.0 has multiple stored cross-site scripting vulnerabilities

jspgou is based on java technology development of e-commerce management software. There are multiple stored cross-site scripting vulnerabilities in jeecms JSPGOU Single Store Edition v6.0. Due to the front-end input filtering is not strict, the background operation is not verified source, allowin...

6.4AI score
Exploits0
OSV
OSV
added 2018/12/28 4:29 p.m.3 views

CVE-2018-20528

JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter...

6.5CVSS5.8AI score0.01047EPSS
Exploits0References2
NVD
NVD
added 2018/12/28 4:29 p.m.27 views

CVE-2018-20528

JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter...

6.5CVSS6.5AI score0.01047EPSS
Exploits0References2
Prion
Prion
added 2018/12/28 4:29 p.m.16 views

Design/Logic Flaw

JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter...

4CVSS6.5AI score0.01047EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/12/27 6:0 p.m.26 views

CVE-2018-20528

JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter...

6.6AI score0.01047EPSS
Exploits0References1
CVE
CVE
added 2018/12/27 6:0 p.m.47 views

CVE-2018-20528

The CVE-2018-20528 entry affects JEECMS 9 and describes a Server-Side Request Forgery (SSRF) via the ueditor/getRemoteImage.jspx upfile parameter. Connected records confirm the vulnerability is centered on JEECMS 9 and the SSRF condition in the upfile parameter, with an impact that includes Parti...

6.5CVSS6.5AI score0.01047EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/11/26 7:29 a.m.13 views

Cross site request forgery (csrf)

JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user...

6.8CVSS8.6AI score0.00494EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/26 7:29 a.m.21 views

CVE-2018-19544

JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news...

6.5CVSS6.5AI score0.00422EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/11/26 7:29 a.m.3 views

CVE-2018-19545

JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user...

8.8CVSS5.5AI score0.00494EPSS
Exploits1References2
Prion
Prion
added 2018/11/26 7:29 a.m.13 views

Cross site request forgery (csrf)

JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news...

4.3CVSS6.5AI score0.00422EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/11/26 7:29 a.m.3 views

CVE-2018-19545

JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user...

8.8CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/11/26 7:29 a.m.3 views

CVE-2018-19544

JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news...

6.5CVSS5.5AI score0.00422EPSS
Exploits1References2
NVD
NVD
added 2018/11/26 7:29 a.m.14 views

CVE-2018-19545

JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user...

8.8CVSS8.7AI score0.00494EPSS
Exploits1References1
Rows per page
Query Builder