3 matches found
JTBC Cross-Site Request Forgery Vulnerability
JTBC PHP is a PHP-based open source content management system CMS. A cross-site request forgery vulnerability exists in the /console/account/manage.php?type=action&action=add URL in JTBC v3.0C. A remote attacker can exploit this vulnerability to add an administrator account...
JTBC (PHP) Cross-Site Request Forgery Vulnerability (CNVD-2018-26794)
JTBC PHP is an open source CMS Content Management System. A cross-site request forgery vulnerability exists in JTBC PHP version 3.0.1.7. A remote attacker can exploit this vulnerability to perform unauthorized operations with the help of console/xml/manage.php?type=action&action=edit URI...
JTBCcms 'uu_upload_file' function has SQL injection vulnerability
JTBC is an open source and free cross-platform web content management system solution. JTBCcms 'uuuploadfile' function SQL injection vulnerability. The vulnerability is caused by the failure to effectively filter the parameters used in the user upload file , an attacker can exploit the...