JojoCMS/Jojo-CMS

JojoCMS/Jojo-CMS

www.jojocms.org

Releases24

Frequency2 months 4 weeks

Last Release over 8 years ago

Stars20

Jojo is an SEO-friendly, fast, and extensible PHP-based CMS

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2017-11723 ↗	Jul 29, 2017Saturday, 29 July 2017, 05:29	—	5 MEDIUM
Directory traversal vulnerability in plugins/ImageManager/backend.php in Xinha 0.96, as used in Jojo 4.4.0, allows remote attackers to delete any folder via directory traversal sequences in the deld parameter.
CVE-2013-3081 ↗	Jun 9, 2014Monday, 9 June 2014, 19:55	—	7.5 HIGH
SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/.
CVE-2013-3082 ↗	Jun 9, 2014Monday, 9 June 2014, 19:55	—	4.3 MEDIUM
Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgot-password/.