Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

jupiter cms jupiter cms vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2006-1223
Cross-site scripting (XSS) vulnerability in Jupiter Content Manager 1.1.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a Javascript URI in the image BBcode tag.
Jupiter Cms Jupiter Cms 1.1.4Jupiter Cms Jupiter Cms
5
CVSSv2
CVE-2006-2105
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote malicious users to read arbitrary files via ".." sequences terminated by a %00 (null) character in the n parameter.
Jupiter Cms Jupiter Cms 1.1.4Jupiter Cms Jupiter Cms 1.1.5
4.3
CVSSv2
CVE-2006-4874
Multiple cross-site scripting (XSS) vulnerabilities in Jupiter CMS allow remote malicious users to inject arbitrary web script or HTML via the (1) language[Admin name] and (2) language[Admin back] parameters in (a) modules/blocks.php; the (3) language[Register title] and (4) lang...
Jupiter Cms Jupiter Cms
5
CVSSv2
CVE-2006-4875
Unrestricted file upload vulnerability in modules/galleryuploadfunction.php in Jupiter CMS allows remote malicious users to upload picture files, and possibly files with arbitrary extensions, to gallery/albums/public.
Jupiter Cms Jupiter Cms
7.5
CVSSv2
CVE-2006-4876
Multiple SQL injection vulnerabilities in Jupiter CMS allow remote malicious users to execute arbitrary SQL commands via (1) the user name during login, or the (2) key or (3) fpwusername parameters in modules/register.
Jupiter Cms Jupiter Cms
7.5
CVSSv2
CVE-2007-0987
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot), or an absolute pathname, in the n parameter.
Jupiter Cms Jupiter Cms 1.1.5
5
CVSSv2
CVE-2006-4873
Jupiter CMS allows remote malicious users to obtain sensitive information via a direct request for (1) includes/functions.php, (2) modules/register.php, (3) modules/poll.php, (4) modules/panel.php, (5) modules/pm.php, (6) modules/news.php, (7) modules/templates_change.php, (8) mo...
Jupiter Cms Jupiter Cms 1.1.5
2.6
CVSSv2
CVE-2006-1680
Jupiter CMS 1.1.5, when display_errors is enabled, allows remote malicious users to obtain the full server path via a direct request to modules/online.php.
Jupiter Cms Jupiter Cms 1.1.5
4.3
CVSSv2
CVE-2006-1679
Cross-site scripting (XSS) vulnerability in modules/online.php in Jupiter CMS 1.1.5 allows remote malicious users to inject arbitrary web script or HTML via the layout parameter to index.php.
Jupiter Cms Jupiter Cms 1.1.5
7.5
CVSSv2
CVE-2007-0971
Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header and certain other HTTP headers, which set the ip variable that is used in SQL queries performed by index.php and certain other ...
Jupiter Cms Jupiter Cms 1.1.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook