Lucene search
JetboxJetbox Cms
3 matches found
CVE-2007-1898
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.
5.8CVSS6.7AI score0.11599EPSS
CVE-2007-2684
Jetbox CMS 2.1 allows remote attackers to obtain sensitive information via (1) a direct request to (a) main_page.php, (b) open_tree.php, and (c) outputs.php; (2) a malformed view parameter to index.php, as demonstrated with an SQL injection manipulation; or (3) the id[] parameter to admin/cms/opent...
5CVSS7.1AI score0.00838EPSS
CVE-2006-4740
Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain files, which reveal the path in an error message.
5CVSS6.5AI score0.00389EPSS