Skip to main content

Jtbc Php

9 CVEs product

Monthly

CVE-2019-9662 HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Jtbc Php
NVD GitHub
CVSS 3.0
7.5
EPSS
1.7%
CVE-2019-8433 HIGH POC This Week

JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Jtbc Php
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-19547 MEDIUM POC This Month

JTBC(PHP) 3.0.1.7 has XSS via the console/xml/manage.php?type=action&action=edit content parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Jtbc Php
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-19546 HIGH POC This Week

JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF XSS PHP Jtbc Php
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-19327 HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Jtbc Php
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-18436 HIGH POC This Week

JTBC(PHP) 3.0 allows CSRF for creating an account via the console/account/manage.php?type=action&action=add URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Jtbc Php
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2018-17838 HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Jtbc Php
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2018-17837 HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Jtbc Php
NVD GitHub
CVSS 3.0
7.5
EPSS
1.3%
CVE-2018-17836 HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.6. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Jtbc Php
NVD GitHub
CVSS 3.0
8.8
EPSS
1.6%
EPSS 2% CVSS 7.5
HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Jtbc Php
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Jtbc Php
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

JTBC(PHP) 3.0.1.7 has XSS via the console/xml/manage.php?type=action&action=edit content parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Jtbc Php
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF XSS PHP +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Jtbc Php
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

JTBC(PHP) 3.0 allows CSRF for creating an account via the console/account/manage.php?type=action&action=add URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Jtbc Php
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Jtbc Php
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Jtbc Php
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

An issue was discovered in JTBC(PHP) 3.0.1.6. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Jtbc Php
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy