Skip to main content

Jeecms

4 CVEs product

Monthly

CVE-2018-20528 MEDIUM This Month

JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Jeecms
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2018-19545 HIGH POC This Week

JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Jeecms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-19544 MEDIUM POC This Month

JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Jeecms
NVD GitHub
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-18952 MEDIUM POC This Month

JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jeecms
NVD
CVSS 3.0
4.8
EPSS
0.6%
EPSS 1% CVSS 6.5
MEDIUM This Month

JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Jeecms
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Jeecms
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Jeecms
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jeecms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy