Jakweb Gecko Cms vulnerabilities
4 known vulnerabilities affecting jakweb/gecko_cms.
Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2015-1423P3MEDIUMCVSS 6.5PoCv2.2v2.32015-01-29
CVE-2015-1423 [MEDIUM] CWE-89 CVE-2015-1423: Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execu
Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php.
nvd
CVE-2015-1424P3MEDIUMCVSS 6.8PoCv2.2v2.32015-01-29
CVE-2015-1424 [MEDIUM] CWE-352 CVE-2015-1424: Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote attackers to
Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote attackers to hijack the authentication of administrators for requests that add an administrator user via a newuser request to admin/index.php.
nvd
CVE-2015-1425P3CRITICALCVSS 9.8v2.2v2.32020-02-18
CVE-2015-1425 [CRITICAL] CWE-20 CVE-2015-1425: JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities
JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities
nvd
CVE-2015-1422P4MEDIUMCVSS 4.3PoCv2.2v2.32015-01-29
CVE-2015-1422 [MEDIUM] CWE-79 CVE-2015-1422: Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers
Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) horder[], (2) jak_catid, (3) jak_content, (4) jak_css, (5) jak_delete_log[], (6) jak_email, (7) jak_extfile, (8) jak_file, (9) jak_hookshow[], (10) jak_img, (11) jak_javascript, (12) jak_lcontent, (13) ja
nvd