Filtered by vendor Efstratios Geroulis
Subscriptions
Filtered by product Jasmine Cms
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2007-3313 | 1 Efstratios Geroulis | 1 Jasmine Cms | 2024-11-21 | N/A |
Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the login_username parameter to login.php or (2) the item parameter to news.php. | ||||
CVE-2007-3312 | 1 Efstratios Geroulis | 1 Jasmine Cms | 2024-11-21 | N/A |
Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. (dot dot) in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote unauthenticated attackers. |
Page 1 of 1.