Salims Softhouse : Security Vulnerabilities, CVEs, CVSS score >= 7
PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter.
Max CVSS
7.5
EPSS Score
2.04%
Published
2007-03-06
Updated
2017-10-11
module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allows remote attackers to execute arbitrary code within sections bounded by "<?php" and "?>", possibly due to a static code injection vulnerability involving admin/data_inc.php.
Max CVSS
7.5
EPSS Score
2.51%
Published
2006-10-03
Updated
2018-10-17
Directory traversal vulnerability in index.php in Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to read arbitrary files and possibly execute PHP code via a .. (dot dot) in the show parameter.
Max CVSS
7.5
EPSS Score
1.38%
Published
2004-12-31
Updated
2017-07-11
3 vulnerabilities found