Lucene search

JON Security Vulnerabilities

cve

CVE-2023-30868

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jon Christopher CMS Tree Page View plugin <= 1.6.7...

7.1CVSS

5.9AI Score

0.001EPSS

2023-05-18 09:15 AM

cve

CVE-2002-2011

Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file...

5.7AI Score

0.011EPSS

2022-10-03 04:23 PM

cve

CVE-2008-5083

In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss...

6.5CVSS

6.4AI Score

0.001EPSS

2019-11-08 12:15 AM

cve

CVE-2002-0934

Directory traversal vulnerability in Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) allows remote attackers to read or modify arbitrary files via an illegal character in the middle of a .. (dot dot) sequence in the parameters (1) _browser_out or (2)...

9.4AI Score

0.003EPSS

2002-10-04 04:00 AM

cve

CVE-2001-1085

Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary...

6.8AI Score

0.0004EPSS

2002-06-25 04:00 AM

cve

CVE-2000-1190

imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc...

6.6AI Score

0.0004EPSS

2002-03-09 05:00 AM