Vulnerabilities > Jeecms

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-07	CVE-2020-21729	Cross-site Scripting vulnerability in Jeecms X 1.1 JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload. network low complexity jeecms CWE-79	5.4
2021-09-30	CVE-2020-20799	Cross-site Scripting vulnerability in Jeecms 1.0.1 JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter. network low complexity jeecms CWE-79	5.4
2018-12-28	CVE-2018-20528	Server-Side Request Forgery (SSRF) vulnerability in Jeecms 9 JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter. network low complexity jeecms CWE-918	6.5
2018-11-26	CVE-2018-19545	Cross-Site Request Forgery (CSRF) vulnerability in Jeecms 9.3 JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user. network low complexity jeecms CWE-352	8.8
2018-11-26	CVE-2018-19544	Cross-Site Request Forgery (CSRF) vulnerability in Jeecms 9.3 JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news. network low complexity jeecms CWE-352	6.5
2018-11-05	CVE-2018-18952	Cross-site Scripting vulnerability in Jeecms 9.3 JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI. network low complexity jeecms CWE-79	4.8

Vulnerabilities > Jeecms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jeecms"}]}