Cross-site scripting (XSS) vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
CVSS Score
4.3
EPSS Score
0.032
Published
2012-10-22
SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to execute arbitrary SQL commands via the memberloginid cookie.
CVSS Score
7.5
EPSS Score
0.006
Published
2012-10-22