Ljcms CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2020-20735	1 8cms	1 Ljcms	2024-12-10	9.8 Critical
File Upload vulnerability in LJCMS v.4.3.R60321 allows a remote attacker to execute arbitrary code via the ljcms/index.php parameter.
CVE-2020-21237	1 8cms	1 Ljcms	2024-11-21	9.8 Critical
An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute force attacks.
CVE-2020-20979	1 8cms	1 Ljcms	2024-11-21	9.8 Critical
An arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3 allows attackers to execute arbitrary code.
CVE-2020-20583	1 8cms	1 Ljcms	2024-11-21	7.5 High
A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R60321 allows attackers to obtain sensitive database information.

Page 1 of 1.