Jaf Cms@4.0 Security Vulnerabilities and Issues — Jaf Cms@4.0 CVE List

Lucene search

Salims SofthouseJaf Cms4.0

5 matches found

CVE•added 2006/10/03 4:3 a.m.•42 views

CVE-2006-5131

module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allows remote attackers to execute arbitrary code within sections bounded by "", possibly due to a static code injection vulnerability involving admin/data_inc.php.

7.5CVSS8.3AI score0.01922EPSS

CVE•added 2006/10/03 4:3 a.m.•34 views

CVE-2006-5129

Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via (1) the message parameter, and possibly other parameters, in module/shout/jafshout.php (aka the shoutbox); and (2) the message b...

6.8CVSS6.1AI score0.00971EPSS

CVE•added 2007/03/06 1:19 a.m.•34 views

CVE-2006-7128

PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter.

7.5CVSS7.9AI score0.04158EPSS

CVE•added 2006/10/03 4:3 a.m.•33 views

CVE-2006-5130

Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) url, (3) title, and (4) about parameters in a forum post. NOTE: the provenance of this information is unknown;...

6.8CVSS5.9AI score0.00834EPSS

CVE•added 2007/03/06 1:19 a.m.•33 views

CVE-2006-7127

Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.

6.8CVSS7.6AI score0.0795EPSS