EUVD-2020-10340

Malware in sbrugna...

CVE-2020-18416

An cross site request forgery CSRF vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html=6 to modify payment information...

CVE-2020-18416

An cross site request forgery CSRF vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information...

CVE-2020-18416

An cross site request forgery CSRF vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information...

Cross site request forgery (csrf)

An cross site request forgery CSRF vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information...

CVE-2020-18416

An cross site request forgery CSRF vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information...

PT-2023-11501 · Jymusic · Jymusic

Name of the Vulnerable Software and Affected Versions: Jymusic version 2.0.0 Description: A cross-site request forgery CSRF issue allows attackers to execute arbitrary code via the "/admin.php?s=/addons/config.html&id=6" API endpoint to modify payment information. This can be achieved by exploiti...

CVE-2020-18416

An cross site request forgery CSRF vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information...

CVE-2020-18416

Affected software/component: Jymusic v2.0.0. Vulnerability type: Cross-Site Request Forgery (CSRF). Root cause / impact: CSRF allows an attacker to trigger arbitrary code execution by targeting the endpoint "/admin.php?s=/addons/config.html&id=6", enabling modification of payment information. The...

Jymusic 跨站请求伪造漏洞

Jymusic is a dtorp06 open source application. A security vulnerability exists in Jymusic version v2.0.0. An attacker exploited the vulnerability to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 and modify payment information...

Stored cross-site scripting vulnerability in JYmusic frontend (CNVD-2019-13271)

JYmusic is an open source cross-platform music management system. JYmusic frontend has a stored cross-site scripting vulnerability, an attacker can insert malicious js code in the page to obtain user cookies and other information, resulting in user hijacking...

Stored cross-site scripting vulnerability in JYmusic frontend (CNVD-2019-13273)

JYmusic is an open source cross-platform music management system. JYmusic frontend has a stored cross-site scripting vulnerability, an attacker can insert malicious js code in the page to obtain user cookies and other information, resulting in user hijacking...

Stored cross-site scripting vulnerability in JYmusic frontend (CNVD-2019-13272)

JYmusic is an open source cross-platform music management system. JYmusic frontend has a stored cross-site scripting vulnerability, an attacker can insert malicious js code in the page to obtain user cookies and other information, resulting in user hijacking...

Stored Cross-Site Scripting Vulnerability in JYmusic Frontend

JYmusic is an open source cross-platform music management system. JYmusic frontend has a stored cross-site scripting vulnerability, an attacker can insert malicious js code in the page to obtain user cookies and other information, resulting in user hijacking...

Command Execution Vulnerability in JYmusic v2.0.0

JYmusic is an open source cross-platform music management system. JYmusic v2.0.0 suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the web server...

SQL Injection Vulnerability in JYmusic ArticleController.php Page

JYmusic is an open source cross-platform music management system. A SQL injection vulnerability exists in the JYmusic ArticleController.php page. Allow attackers to exploit the vulnerability to obtain sensitive database information...

SQL injection vulnerability in JYmusic UserController.class.php page s parameter

JYmusic is an open source cross-platform music management system. A SQL injection vulnerability exists in the JYmusic UserController.class.php page s parameter. A remote attacker can exploit the vulnerability to obtain sensitive database information...