Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page.
5.4CVSS
5.7AI Score
0.001EPSS
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function.
7.8CVSS
7.8AI Score
0.001EPSS