Lucene search
K

150 matches found

nvd
nvd
added 2018/04/12 6:29 p.m.17 views

CVE-2018-10073

joyplus-cms 1.6.0 has XSS in manager/adminvod.php via the keyword parameter...

4.8CVSS5AI score0.0064EPSS
Exploits1References1
prion
prion
added 2018/04/12 6:29 p.m.13 views

Design/Logic Flaw

joyplus-cms 1.6.0 has XSS in manager/adminvod.php via the keyword parameter...

3.5CVSS4.9AI score0.0064EPSS
Exploits1References1Affected Software1
osv
osv
added 2018/04/12 6:29 p.m.2 views

CVE-2018-10073

joyplus-cms 1.6.0 has XSS in manager/adminvod.php via the keyword parameter...

4.8CVSS5.8AI score0.0064EPSS
Exploits1References1
cvelist
cvelist
added 2018/04/12 6:0 p.m.21 views

CVE-2018-10073

joyplus-cms 1.6.0 has XSS in manager/adminvod.php via the keyword parameter...

5AI score0.0064EPSS
Exploits1References1
cve
cve
added 2018/04/12 6:0 p.m.40 views

CVE-2018-10073

The CVE-2018-10073 entry applies to joyplus-cms 1.6.0, where a cross-site scripting vulnerability exists in manager/admin_vod.php via the keyword parameter. Root cause is improper handling of the keyword input leading to XSS. Documents state the affected software and vulnerable parameter but do n...

4.8CVSS4.9AI score0.0064EPSS
Exploits1References1Affected Software1
cnvd
cnvd
added 2018/04/12 12:0 a.m.5 views

Joyplus CMS Information Disclosure Vulnerability

Joyplus CMS is an efficient video movie website management system built with PHPmysql, independently developed by Zhi Jing Technology, which has been used as a backend management system for free products Joyplus Video, and after continuous improvement, it now has a complete functional system and...

5.3CVSS6.4AI score0.01531EPSS
Exploits0References1
nvd
nvd
added 2018/04/11 6:29 p.m.18 views

CVE-2018-10028

joyplus-cms 1.6.0 allows remote attackers to obtain sensitive information via a direct request to the install/ or log/ URI...

5.3CVSS5.2AI score0.01531EPSS
Exploits0References1
prion
prion
added 2018/04/11 6:29 p.m.15 views

Information disclosure

joyplus-cms 1.6.0 allows remote attackers to obtain sensitive information via a direct request to the install/ or log/ URI...

5CVSS5.1AI score0.01531EPSS
Exploits0References1Affected Software1
osv
osv
added 2018/04/11 6:29 p.m.2 views

CVE-2018-10028

joyplus-cms 1.6.0 allows remote attackers to obtain sensitive information via a direct request to the install/ or log/ URI...

5.3CVSS5.8AI score0.01531EPSS
Exploits0References1
cvelist
cvelist
added 2018/04/11 6:0 p.m.22 views

CVE-2018-10028

joyplus-cms 1.6.0 allows remote attackers to obtain sensitive information via a direct request to the install/ or log/ URI...

5.2AI score0.01531EPSS
Exploits0References1
cve
cve
added 2018/04/11 6:0 p.m.47 views

CVE-2018-10028

Affected software: Joyplus CMS 1.6.0. Vulnerability: Information disclosure via direct requests to the install/ or log/ URIs, enabling remote attackers to obtain sensitive information. Root cause / notes: Documented across multiple sources (NVD, Red Hat, CNVD) with identical description; no expli...

5.3CVSS5.1AI score0.01531EPSS
Exploits0References1Affected Software1
cnvd
cnvd
added 2018/03/19 12:0 a.m.6 views

joyplus-cms cross-site scripting vulnerability

joyplus-cms joy video is an open source video backend management system based on PHP and MySQL. The system has a video resource acquisition , user feedback management , automatic address resolution and message push management and other functions . A cross-site scripting vulnerability exists in...

4.8CVSS6AI score0.0064EPSS
Exploits1References1
nvd
nvd
added 2018/03/18 6:29 a.m.19 views

CVE-2018-8767

joyplus-cms 1.6.0 has XSS in manager/adminajax.php?action=save&tab=prevodtype via the tname parameter...

4.8CVSS5AI score0.0064EPSS
Exploits1References1
osv
osv
added 2018/03/18 6:29 a.m.3 views

CVE-2018-8767

joyplus-cms 1.6.0 has XSS in manager/adminajax.php?action=save&tab=prevodtype via the tname parameter...

4.8CVSS5.8AI score0.0064EPSS
Exploits1References1
prion
prion
added 2018/03/18 6:29 a.m.21 views

Design/Logic Flaw

joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/adminvod.php?action=add...

7.5CVSS9.6AI score0.03432EPSS
Exploits1References1Affected Software1
attackerkb
attackerkb
added 2018/03/18 6:29 a.m.3 views

CVE-2018-8766

joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/adminvod.php?action=add...

9.8CVSS5.7AI score0.03432EPSS
Exploits1References2
prion
prion
added 2018/03/18 6:29 a.m.13 views

Design/Logic Flaw

joyplus-cms 1.6.0 has XSS in manager/adminajax.php?action=save&tab=prevodtype via the tname parameter...

3.5CVSS4.9AI score0.0064EPSS
Exploits1References1Affected Software1
osv
osv
added 2018/03/18 6:29 a.m.3 views

CVE-2018-8766

joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/adminvod.php?action=add...

9.8CVSS5.9AI score0.03432EPSS
Exploits1References1
nvd
nvd
added 2018/03/18 6:29 a.m.24 views

CVE-2018-8766

joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/adminvod.php?action=add...

9.8CVSS9.7AI score0.03432EPSS
Exploits1References1
attackerkb
attackerkb
added 2018/03/18 6:29 a.m.5 views

CVE-2018-8767

joyplus-cms 1.6.0 has XSS in manager/adminajax.php?action=save&tab=prevodtype via the tname parameter...

4.8CVSS5.4AI score0.0064EPSS
Exploits1References2
Rows per page
Query Builder