Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2022/02/04 10:15 p.m.7 views

CVE-2022-23330

A remote code execution RCE vulnerability in HelloWorldAddonController.java of jpress v4.2.0 allows attackers to execute arbitrary code via a crafted JAR package...

8.8CVSS8.1AI score0.01926EPSS
Exploits1References2
OSV
OSV
added 2022/01/26 5:15 p.m.15 views

CVE-2021-46116

jpress 4.2.0 is vulnerable to remote code execution via io.jpress.web.admin.TemplateControllerdoInstall. The admin panel provides a function through which attackers can install templates and inject some malicious code...

7.2CVSS8AI score
Exploits0References3
OSV
OSV
added 2022/01/26 5:15 p.m.13 views

CVE-2021-46115

jpress 4.2.0 is vulnerable to RCE via io.jpress.web.admin.TemplateControllerdoUploadFile. The admin panel provides a function through which attackers can upload templates and inject some malicious code...

7.2CVSS7.1AI score
Exploits0References3
NVD
NVD
added 2022/01/26 5:15 p.m.17 views

CVE-2021-46115

jpress 4.2.0 is vulnerable to RCE via io.jpress.web.admin.TemplateControllerdoUploadFile. The admin panel provides a function through which attackers can upload templates and inject some malicious code...

7.2CVSS0.01318EPSS
Exploits1References3
NVD
NVD
added 2022/01/26 5:15 p.m.12 views

CVE-2021-46118

jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.article.kit.ArticleNotifyKitdoSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code...

7.2CVSS0.02755EPSS
Exploits1References3
NVD
NVD
added 2022/01/26 5:15 p.m.16 views

CVE-2021-46116

jpress 4.2.0 is vulnerable to remote code execution via io.jpress.web.admin.TemplateControllerdoInstall. The admin panel provides a function through which attackers can install templates and inject some malicious code...

7.2CVSS0.0255EPSS
Exploits1References3
Prion
Prion
added 2022/01/26 4:15 p.m.12 views

Remote code execution

jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.page.PageNotifyKitdoSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code...

6.5CVSS7.4AI score0.03262EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/01/26 4:3 p.m.21 views

CVE-2021-46118

jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.article.kit.ArticleNotifyKitdoSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code...

7.6AI score0.02755EPSS
Exploits1References2
Rows per page
Query Builder