VYPR

jnoj

by Jiangnan Online Judge

CVEs (4)

  • CVE-2019-17538HigOct 13, 2019
    risk 0.50cvss 7.5epss 0.12

    Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring.

  • CVE-2019-17537HigOct 13, 2019
    risk 0.49cvss 7.5epss 0.02

    Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring.

  • CVE-2019-17491MedOct 10, 2019
    risk 0.40cvss 6.1epss 0.01

    Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[description] parameter to web/admin/problem/create or web/polygon/problem/update.

  • CVE-2019-17489MedOct 10, 2019
    risk 0.40cvss 6.1epss 0.01

    Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[title] parameter to web/polygon/problem/create or web/polygon/problem/update or web/admin/problem/create.