CVE-2021-36434

Published February 3rd, 2023

View on NVD ↗

CVSS v3

9.1

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jo_json_check function in jocms/apps/mask/inc/getmask.php.

mxgbr/jocms

jocms - A Simple CMS for Easy Editing

GitHub