Filtered by vendor Joyplus-cms Project
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-22124 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2021-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the \inc\config.php component of joyplus-cms v1.6 allows attackers to access sensitive information. | |||||
| CVE-2019-17175 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2019-10-08 | 5.0 MEDIUM | 7.5 HIGH |
| joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal. | |||||
| CVE-2018-8717 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2018-04-09 | 6.8 MEDIUM | 8.8 HIGH |
| joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator account via a manager/admin_ajax.php?action=save&tab={pre}manager request. | |||||