VYPR

jtbc

by Jetiben

CVEs (2)

  • CVE-2018-17429HigMar 7, 2019
    risk 0.57cvss 8.8epss 0.01

    /console/account/manage.php?type=action&action=add in JTBC v3.0(C) has CSRF for adding an administrator account.

  • CVE-2019-8433HigFeb 18, 2019
    risk 0.49cvss 7.5epss 0.01

    JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file.