Lucene search

Joyplus Security Vulnerabilities - February

cve

joyplus-cms 1.6.0 allows reinstallation if the install/ URI remains available.

7.5CVSS

7.5AI Score

0.001EPSS

2019-09-21 06:15 PM

186

cve

joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database.

9.8CVSS

9.7AI Score

0.028EPSS

2019-09-21 06:15 PM

192

cve

joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CSRF.

8.8CVSS

8.6AI Score

0.001EPSS

2019-09-21 06:15 PM