Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Jcow Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-3203 1 Jcow 1 Jcow Cms 2020-01-16 7.5 HIGH 9.8 CRITICAL
A Code Execution vulnerability exists the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2.
CVE-2011-3202 1 Jcow 1 Jcow Cms 2020-01-16 4.3 MEDIUM 6.1 MEDIUM
A Cross-Site Scripting (XSS) vulnerability exists in the g parameter to index.php in Jcow CMS 4.2 and earlier.
CVE-2011-3746 1 Jcow 1 Jcow 2012-03-11 5.0 MEDIUM N/A
Jcow 4.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/page.tpl.php and certain other files.