CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered in JTBCPHP 3.0.1.8. Its cache management module is flawed. An arbitrary file ending in "inc.php" can be deleted via a console/cache/manage.php?type=action&action=batch&batch=delete&ids=../ substring...

7.5AI score0.00332EPSS

Exploits1References1

OSV•added 2019/02/18 12:29 a.m.•1 views

CVE-2019-8433

JTBCPHP 3.0.1.8 allows Arbitrary File Upload via the console//console/file/manage.php?type=list URI, as demonstrated by a .php file...

7.5CVSS7.1AI score

Exploits0References1

Prion•added 2018/11/26 7:29 a.m.•17 views

Code injection

JTBCPHP 3.0.1.7 has XSS via the console/xml/manage.php?type=action&action=edit content parameter...

4.3CVSS6AI score0.0024EPSS

Exploits1References2Affected Software1

NVD•added 2018/11/26 7:29 a.m.•7 views

CVE-2018-19547

JTBCPHP 3.0.1.7 has XSS via the console/xml/manage.php?type=action&action=edit content parameter...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References2

OSV•added 2018/11/26 7:29 a.m.•1 views

CVE-2018-19546

JTBCPHP 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter...

8.8CVSS5.8AI score

Exploits0References2

Prion•added 2018/11/26 7:29 a.m.•11 views

Design/Logic Flaw

JTBCPHP 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter...

6.8CVSS8.3AI score0.00146EPSS

Exploits1References2Affected Software1

ATTACKERKB•added 2018/11/26 7:29 a.m.•2 views

CVE-2018-19546

JTBCPHP 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter...

8.8CVSS5.4AI score0.00146EPSS

Exploits1References3

Cvelist•added 2018/11/26 7:0 a.m.•12 views

CVE-2018-19547

JTBCPHP 3.0.1.7 has XSS via the console/xml/manage.php?type=action&action=edit content parameter...

6.1AI score0.0024EPSS

Exploits1References2

NVD•added 2018/11/17 3:29 p.m.•9 views

CVE-2018-19327

An issue was discovered in JTBCPHP 3.0.1.7. aboutus/manage.php?type=action&action=add allows CSRF...

8.8CVSS8.7AI score0.00138EPSS

Exploits1References1

OSV•added 2018/11/17 3:29 p.m.•2 views

CVE-2018-19327

An issue was discovered in JTBCPHP 3.0.1.7. aboutus/manage.php?type=action&action=add allows CSRF...

8.8CVSS5.8AI score0.00138EPSS

Exploits1References1

Cvelist•added 2018/11/17 3:0 p.m.•16 views

CVE-2018-19327

An issue was discovered in JTBCPHP 3.0.1.7. aboutus/manage.php?type=action&action=add allows CSRF...

8.7AI score0.00138EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by