cbcvebase.

Jakweb Gecko Cms vulnerabilities

4 known vulnerabilities affecting jakweb/gecko_cms.

Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2015-1423P3MEDIUMCVSS 6.5PoCv2.2v2.32015-01-29
CVE-2015-1423 [MEDIUM] CWE-89 CVE-2015-1423: Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execu Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php.
nvd
CVE-2015-1424P3MEDIUMCVSS 6.8PoCv2.2v2.32015-01-29
CVE-2015-1424 [MEDIUM] CWE-352 CVE-2015-1424: Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote attackers to Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote attackers to hijack the authentication of administrators for requests that add an administrator user via a newuser request to admin/index.php.
nvd
CVE-2015-1425P3CRITICALCVSS 9.8v2.2v2.32020-02-18
CVE-2015-1425 [CRITICAL] CWE-20 CVE-2015-1425: JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities
nvd
CVE-2015-1422P4MEDIUMCVSS 4.3PoCv2.2v2.32015-01-29
CVE-2015-1422 [MEDIUM] CWE-79 CVE-2015-1422: Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) horder[], (2) jak_catid, (3) jak_content, (4) jak_css, (5) jak_delete_log[], (6) jak_email, (7) jak_extfile, (8) jak_file, (9) jak_hookshow[], (10) jak_img, (11) jak_javascript, (12) jak_lcontent, (13) ja
nvd
Jakweb Gecko Cms vulnerabilities | cvebase