3 matches found
CVE-2018-12905
joyplus-cms 1.6.0 has XSS in adminplayer.php, related to manager/index.php "system manage" and "add" actions...
CVE-2019-16660
joyplus-cms 1.6.0 has adminajax.php?action=savexml&tab=vodplay CSRF...
CVE-2018-14388
joyplus-cms 1.6.0 has XSS via the manager/adminajax.php cansearchdevice array parameter...