VYPR
Vendor

Jcow

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2011-3203CriJan 14, 2020
    risk 0.64cvss 9.8epss 0.02

    A Code Execution vulnerability exists the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2.

  • CVE-2011-3202MedJan 14, 2020
    risk 0.40cvss 6.1epss 0.01

    A Cross-Site Scripting (XSS) vulnerability exists in the g parameter to index.php in Jcow CMS 4.2 and earlier.

  • CVE-2011-3746Sep 23, 2011
    risk 0.00cvss epss 0.01

    Jcow 4.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/page.tpl.php and certain other files.