Vulnerabilities > Jeecms

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-07	CVE-2020-21729	Cross-site Scripting vulnerability in Jeecms X 1.1 JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload. network jeecms CWE-79	3.5
2021-09-30	CVE-2020-20799	Cross-site Scripting vulnerability in Jeecms 1.0.1 JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter. network jeecms CWE-79	3.5
2018-12-28	CVE-2018-20528	Server-Side Request Forgery (SSRF) vulnerability in Jeecms 9 JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter. network low complexity jeecms CWE-918	4.0
2018-11-26	CVE-2018-19545	Cross-Site Request Forgery (CSRF) vulnerability in Jeecms 9.3 JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user. network jeecms CWE-352	6.8
2018-11-26	CVE-2018-19544	Cross-Site Request Forgery (CSRF) vulnerability in Jeecms 9.3 JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news. network jeecms CWE-352	4.3
2018-11-05	CVE-2018-18952	Cross-site Scripting vulnerability in Jeecms 9.3 JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI. network jeecms CWE-79	3.5

Vulnerabilities > Jeecms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jeecms"}]}