Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Joyplus ProjectJoyplus

3 matches found

CVE
CVEadded 2019/09/21 5:2 p.m.219 views

CVE-2019-16656

Joyplus-cms 1.6.0 is vulnerable to remote code execution via /install by placing PHP code in the name of a database object. Root cause: unsafe handling of object-name data allows execution of arbitrary PHP on the server. Impact is described as high/critical (CVSS v3.1: 9.8, NETWORK, NONE privileg...

9.8CVSS9.7AI score0.01332EPSS
CVE
CVEadded 2019/09/21 5:2 p.m.207 views

CVE-2019-16655

CVE-2019-16655 affects joyplus-cms 1.6.0 and allows reinstallation if the install/ URI remains accessible. Connected sources (Red Hat, NVD, CVE records) confirm the same description across multiple entries. The available documents do not provide a formal root-cause analysis, exploitation details,...

7.5CVSS7.5AI score0.0084EPSS
CVE
CVEadded 2019/09/21 5:1 p.m.80 views

CVE-2019-16660

CVE-2019-16660 affects joyplus-cms 1.6.0, where the admin_ajax.php?action=savexml&tab=vodplay request is vulnerable to CSRF. The connected records confirm a CSRF flaw but do not provide explicit exploitation steps or a vendor-provided fix within the supplied documents. The CVE entry lists the vul...

8.8CVSS8.6AI score0.00547EPSS