Jaf Cms@3.0 Security Vulnerabilities and Issues — Jaf Cms@3.0 CVE List

Lucene search

Salims SofthouseJaf Cms3.0

3 matches found

CVE•added 2005/02/19 5:0 a.m.•42 views

CVE-2004-1505

Directory traversal vulnerability in index.php in Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to read arbitrary files and possibly execute PHP code via a .. (dot dot) in the show parameter.

7.5CVSS7.6AI score0.01288EPSS

CVE•added 2005/02/19 5:0 a.m.•39 views

CVE-2004-1504

The displaycontent function in config.php for Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to gain sensitive information via a blank show parameter, which reveals the installation path in an error message, as demonstrated using index.php.

5CVSS6.9AI score0.00462EPSS

CVE•added 2005/06/28 4:0 a.m.•37 views

CVE-2005-2053

Just another flat file (JAF) CMS before 3.0 Final allows remote attackers to obtain sensitive information via (1) an * (asterisk) in the id parameter, (2) a blank id parameter, or (3) an * (asterisk) in the disp parameter to index.php, which reveals the path in an error message. NOTE: a followup su...

5CVSS6.6AI score0.00312EPSS