| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-4739 | 2.6 |
Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php.
|
17-10-2018 - 21:39 | 13-09-2006 - 22:07 | |
| CVE-2006-4737 | 7.5 |
SQL injection vulnerability in index.php in Jetbox CMS allows remote attackers to inject arbitrary web script or HTML via the item parameter. NOTE: The view vector is already covered by CVE-2006-3586.2.
|
17-10-2018 - 21:39 | 13-09-2006 - 22:07 | |
| CVE-2006-4740 | 5.0 |
Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain files, which reveal the path in an error message.
|
17-10-2018 - 21:39 | 13-09-2006 - 22:07 | |
| CVE-2006-4738 | 7.5 |
PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS allows remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter. NOTE: The relative_script_path vector is already covered by CVE-2006-2270.
|
17-10-2018 - 21:39 | 13-09-2006 - 22:07 |