Lucene search
K
8cmsLjcms

4 matches found

CVE
CVE
added 2021/07/08 3:44 p.m.85 views

CVE-2020-20583

CVE-2020-20583 affects LJCMS, specifically the vulnerable endpoint /question.php in Version v4.3.R60321. The root cause is a SQL injection flaw that allows attackers to access sensitive database information. The available documents do not specify an exploit method, active exploitation, or confirm...

7.5CVSS7.6AI score0.01254EPSS
CVE
CVE
added 2021/12/27 10:22 p.m.62 views

CVE-2020-21237

CVE-2020-21237 affects LJCMS v1.11 and is due to a login-box vulnerability that allows brute-force attempts to hijack user accounts. The available documents explicitly describe a lack of effective protection against brute-force login, enabling account hijacking. No concrete patch details, affecte...

9.8CVSS9.2AI score0.01093EPSS
CVE
CVE
added 2021/08/12 2:49 p.m.52 views

CVE-2020-20979

CVE-2020-20979 concerns an arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3, allowing attackers to execute arbitrary code. Affected software: LJCMS v4.3. Root cause: improper handling in the file upload process via move_uploaded_file. Impact: arbitrary code e...

9.8CVSS9.6AI score0.01603EPSS
CVE
CVE
added 2023/06/20 12:0 a.m.47 views

CVE-2020-20735

CVE-2020-20735 affects LJCMS v4.3.R60321. Public sources in the connected documents describe a file upload vulnerability in ljcms/index.php that allows a remote attacker to execute arbitrary code, with CVSS v3.1 metrics indicating Network impact, no privileges required, no user interaction, and a...

9.8CVSS9.5AI score0.01053EPSS