Salims Softhouse : Security Vulnerabilities, CVEs, CVSS score >= 7

CVE-2006-7128

PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter.
Max CVSS
7.5
EPSS Score
2.04%
Published
2007-03-06
Updated
2017-10-11

CVE-2006-5131

module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allows remote attackers to execute arbitrary code within sections bounded by "<?php" and "?>", possibly due to a static code injection vulnerability involving admin/data_inc.php.
Max CVSS
7.5
EPSS Score
2.51%
Published
2006-10-03
Updated
2018-10-17

CVE-2004-1505

Directory traversal vulnerability in index.php in Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to read arbitrary files and possibly execute PHP code via a .. (dot dot) in the show parameter.
Max CVSS
7.5
EPSS Score
1.38%
Published
2004-12-31
Updated
2017-07-11
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close