Jalios Jcms vulnerabilities
2 known vulnerabilities affecting jalios/jcms.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-19033P2CRITICALCVSS 9.8v10.02019-11-21
CVE-2019-19033 [CRITICAL] CWE-798 CVE-2019-19033: Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with adminis
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password.
nvd
CVE-2020-15497P4MEDIUMCVSS 6.1v10.0.22020-07-17
CVE-2020-15497 [MEDIUM] CWE-79 CVE-2020-15497: jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types para
jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter. Note: It is asserted that this vulnerability is not present in the standard installation of Jalios JCMS
nvd