VYPR
Vendor

Jeecms

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2018-19545HigNov 26, 2018
    risk 0.57cvss 8.8epss 0.00

    JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user.

  • CVE-2018-20528MedDec 28, 2018
    risk 0.42cvss 6.5epss 0.01

    JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter.

  • CVE-2018-19544MedNov 26, 2018
    risk 0.42cvss 6.5epss 0.00

    JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news.

  • CVE-2020-21729MedOct 7, 2021
    risk 0.35cvss 5.4epss 0.01

    JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability in the component of /member-vipcenter.htm, which allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

  • CVE-2020-20799MedSep 30, 2021
    risk 0.35cvss 5.4epss 0.00

    JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the commentText parameter.

  • CVE-2018-18952MedNov 5, 2018
    risk 0.31cvss 4.8epss 0.01

    JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI.