jspxcms

4 exploits Active since Dec 2018
CVE-2023-46911 GITEE MEDIUM java
Jspxcms v10.2.0 - XSS
There is a Cross Site Scripting (XSS) vulnerability in the choose_style_tree.do interface of Jspxcms v10.2.0 backend.
7 stars
CVSS 6.1
CVE-2022-28090 GITEE MEDIUM java
Ujcms Jspxcms - SSRF
Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery (SSRF) via /cmscp/ext/collect/fetch_url.do?url=.
7 stars
CVSS 6.5
CVE-2022-23329 GITEE CRITICAL java
Ujcms Jspxcms - Unrestricted File Upload
A vulnerability in ${"freemarker.template.utility.Execute"?new() of UJCMS Jspxcms v10.2.0 allows attackers to execute arbitrary commands via uploading malicious files.
7 stars
CVSS 9.8
CVE-2018-20596 GITEE CRITICAL java
Jspxcms - SSRF
Jspxcms v9.0.0 allows SSRF.
7 stars
CVSS 9.8