CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-3081

SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.8%

CVSS Severity

CVSS v2 Score 7.5

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/84285
https://github.com/JojoCMS/Jojo-CMS/commit/972757c4500d94b4b1306bf092e678add3a987d8
https://www.htbridge.com/advisory/HTB23153
https://exchange.xforce.ibmcloud.com/vulnerabilities/84285
https://github.com/JojoCMS/Jojo-CMS/commit/972757c4500d94b4b1306bf092e678add3a987d8
https://www.htbridge.com/advisory/HTB23153

Products affected by CVE-2013-3081

Jojocms » Jojo-Cms » Version: 1.1

cpe:2.3:a:jojocms:jojo-cms:1.1
Jojocms » Jojo-Cms » Version: 1.2

cpe:2.3:a:jojocms:jojo-cms:1.2
Jojocms » Jojo-Cms » Version: 1.2.1

cpe:2.3:a:jojocms:jojo-cms:1.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-3081

Products

Pricing

Contact Us