Vulnerabilities > Jtbc
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-11 | CVE-2019-9662 | Path Traversal vulnerability in Jtbc PHP 3.0.1.8 An issue was discovered in JTBC(PHP) 3.0.1.8. | 7.5 |
| 2019-03-07 | CVE-2018-17429 | Cross-Site Request Forgery (CSRF) vulnerability in Jtbc 3.0 /console/account/manage.php?type=action&action=add in JTBC v3.0(C) has CSRF for adding an administrator account. | 8.8 |
| 2019-02-18 | CVE-2019-8433 | Unrestricted Upload of File with Dangerous Type vulnerability in Jtbc PHP 3.0.1.8 JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file. | 7.5 |
| 2018-11-26 | CVE-2018-19547 | Cross-site Scripting vulnerability in Jtbc PHP 3.0.1.7 JTBC(PHP) 3.0.1.7 has XSS via the console/xml/manage.php?type=action&action=edit content parameter. | 6.1 |
| 2018-11-26 | CVE-2018-19546 | Cross-site Scripting vulnerability in Jtbc PHP 3.0.1.7 JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter. | 8.8 |
| 2018-11-17 | CVE-2018-19327 | Cross-Site Request Forgery (CSRF) vulnerability in Jtbc PHP 3.0.1.7 An issue was discovered in JTBC(PHP) 3.0.1.7. | 8.8 |
| 2018-10-17 | CVE-2018-18436 | Cross-Site Request Forgery (CSRF) vulnerability in Jtbc PHP 3.0.0.0 JTBC(PHP) 3.0 allows CSRF for creating an account via the console/account/manage.php?type=action&action=add URI. | 8.8 |
| 2018-10-01 | CVE-2018-17838 | Path Traversal vulnerability in Jtbc PHP 3.0.1.6 An issue was discovered in JTBC(PHP) 3.0.1.6. | 7.5 |
| 2018-10-01 | CVE-2018-17837 | Path Traversal vulnerability in Jtbc PHP 3.0.1.6 An issue was discovered in JTBC(PHP) 3.0.1.6. | 7.5 |
| 2018-10-01 | CVE-2018-17836 | Path Traversal vulnerability in Jtbc PHP 3.0.1.6 An issue was discovered in JTBC(PHP) 3.0.1.6. | 8.8 |