Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jupiter cms jupiter cms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-1223
Cross-site scripting (XSS) vulnerability in Jupiter Content Manager 1.1.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a Javascript URI in the image BBcode tag.
Jupiter Cms Jupiter Cms 1.1.4
Jupiter Cms Jupiter Cms
1 EDB exploit
5
CVSSv2
CVE-2006-2105
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote malicious users to read arbitrary files via ".." sequences terminated by a %00 (null) character in the n parameter.
Jupiter Cms Jupiter Cms 1.1.4
Jupiter Cms Jupiter Cms 1.1.5
4.3
CVSSv2
CVE-2006-4874
Multiple cross-site scripting (XSS) vulnerabilities in Jupiter CMS allow remote malicious users to inject arbitrary web script or HTML via the (1) language[Admin name] and (2) language[Admin back] parameters in (a) modules/blocks.php; the (3) language[Register title] and (4) lang...
Jupiter Cms Jupiter Cms
4 EDB exploits
5
CVSSv2
CVE-2006-4875
Unrestricted file upload vulnerability in modules/galleryuploadfunction.php in Jupiter CMS allows remote malicious users to upload picture files, and possibly files with arbitrary extensions, to gallery/albums/public.
Jupiter Cms Jupiter Cms
1 EDB exploit
7.5
CVSSv2
CVE-2006-4876
Multiple SQL injection vulnerabilities in Jupiter CMS allow remote malicious users to execute arbitrary SQL commands via (1) the user name during login, or the (2) key or (3) fpwusername parameters in modules/register.
Jupiter Cms Jupiter Cms
1 EDB exploit
7.5
CVSSv2
CVE-2007-0987
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot), or an absolute pathname, in the n parameter.
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
5
CVSSv2
CVE-2006-4873
Jupiter CMS allows remote malicious users to obtain sensitive information via a direct request for (1) includes/functions.php, (2) modules/register.php, (3) modules/poll.php, (4) modules/panel.php, (5) modules/pm.php, (6) modules/news.php, (7) modules/templates_change.php, (8) mo...
Jupiter Cms Jupiter Cms 1.1.5
2.6
CVSSv2
CVE-2006-1680
Jupiter CMS 1.1.5, when display_errors is enabled, allows remote malicious users to obtain the full server path via a direct request to modules/online.php.
Jupiter Cms Jupiter Cms 1.1.5
4.3
CVSSv2
CVE-2006-1679
Cross-site scripting (XSS) vulnerability in modules/online.php in Jupiter CMS 1.1.5 allows remote malicious users to inject arbitrary web script or HTML via the layout parameter to index.php.
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
7.5
CVSSv2
CVE-2007-0971
Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header and certain other HTTP headers, which set the ip variable that is used in SQL queries performed by index.php and certain other ...
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »