25 matches found
EUVD-2013-3020
Malware in sbrugna...
EUVD-2013-3019
Malware in sbrugna...
search.sweetjojodesigns.com Cross Site Scripting vulnerability OBB-3934489
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
search.sweetjojodesigns.com Cross Site Scripting vulnerability OBB-3859663
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jojo-cup.de Cross Site Scripting vulnerability OBB-2698456
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
jojo-studio.de Cross Site Scripting vulnerability OBB-2623983
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Jojo Xinha Path Traversal Vulnerability
Jojo is Jojo team developed a free, open source PHP-based content management system CMS. The system supports WYSIWYG editor , search engine optimization , etc. Xinha is used in one of the visual HTML editor . A directory traversal vulnerability exists in the plugins/ImageManager/backend.php file ...
CVE-2017-11723
Directory traversal vulnerability in plugins/ImageManager/backend.php in Xinha 0.96, as used in Jojo 4.4.0, allows remote attackers to delete any folder via directory traversal sequences in the deld parameter...
CVE-2017-11723
CVE-2017-11723 affects Xinha 0.96 (as used in Jojo 4.4.0) via the plugins/ImageManager/backend.php component. The underlying issue is a directory traversal vulnerability in the deld parameter, which allows a remote attacker to delete arbitrary folders. No exploitation details are provided in the ...
myaccount.sweetjojodesigns.com XSS vulnerability
Vulnerable URL: http://myaccount.sweetjojodesigns.com/login.php?email=%27%22%3E%3E%3C/title%3E%27%22%3ESCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28/XSSPOSED/%29%3C/SCRIPT%3E Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 18:47 GMT Vulnerability...
Jojo CMS X-Forwarded-For header SQL injection vulnerability-vulnerability warning-the black bar safety net
Affected system: Jojo CMS Jojo CMS 1.2.2 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 5 9 9 3 4 CVECAN ID: CVE-2 0 1 3-3 0 8 1 Jojo CMS is SEO-friendly, scalable, PHP-based CMS. Jojo CMS 1.2.2 previous version, the...
CVE-2013-3081
SQL injection vulnerability in the checkEmailFormat function in plugins/jojocore/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/...
CVE-2013-3082
Cross-site scripting XSS vulnerability in plugins/jojocore/forgotpassword.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgot-password/...
Sql injection
SQL injection vulnerability in the checkEmailFormat function in plugins/jojocore/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/...
Cross site scripting
Cross-site scripting XSS vulnerability in plugins/jojocore/forgotpassword.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgot-password/...
CVE-2013-3081
SQL injection vulnerability in the checkEmailFormat function in plugins/jojocore/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/...
CVE-2013-3082
Cross-site scripting XSS vulnerability in plugins/jojocore/forgotpassword.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgot-password/...
CVE-2013-3081
Summary: CVE-2013-3081 affects Jojo CMS prior to 1.2.2, where the checkEmailFormat function in Jojo.php allows SQL injection via the X-Forwarded-For header sent to /articles/test/. This enables remote, unauthenticated attackers to execute arbitrary SQL commands. The issue is documented in multipl...
CVE-2013-3082
CVE-2013-3082 is a cross-site scripting (XSS) vulnerability affecting Jojo CMS prior to 1.2.2, specifically in the forgot_password.php path used by the forgot-password/ flow. The issue arises from insufficient input sanitization of the search parameter, allowing a remote attacker to inject arbitr...
Jojo CMS Multiple Vulnerabilities
Jojo CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...