2 matches found
CVE-2010-1268
The CVE-2010-1268 issue affects justVisual CMS 2.0. A local file inclusion (LFI) vulnerability exists in index.php where, if magic_quotes_gpc is disabled, an attacker can cause arbitrary local files to be included/executed via the p parameter due to improper input sanitization (directory traversa...
CVE-2009-3511
CVE-2009-3511 affects justVisual 1.2 and describes multiple PHP remote file inclusion vulnerabilities. The flaw allows an attacker to supply a URL to the fs_jVroot parameter through certain pages (sites/site/pages/index.php, sites/test/pages/contact.php, system/pageTemplate.php, system/utilities....