Efstratios Geroulis Jasmine Cms vulnerabilities
2 known vulnerabilities affecting efstratios_geroulis/jasmine_cms.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2007-3312P3CRITICALCVSS 9.0PoCv1.02007-06-21
CVE-2007-3312 [CRITICAL] CVE-2007-3312: Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authe
Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. (dot dot) in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote unauthenticated attackers.
nvd
CVE-2007-3313P3HIGHCVSS 7.5PoCv1.02007-06-21
CVE-2007-3313 [HIGH] CVE-2007-3313: Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrar
Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the login_username parameter to login.php or (2) the item parameter to news.php.
nvd