This page aggregates publicly disclosed CVE and security risk information related to cj_design, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2006-4797 | Cross-site scripting (XSS) vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a url BBcode tag in the cjmsg parameter. | [email protected] | 4.3 | 0.35% | 2006-09-14 | 2026-04-16 |
| CVE-2006-4451 | Direct static code injection vulnerability in CJ Tag Board 3.0 allows remote attackers to execute arbitrary PHP code via the (1) User-Agent HTTP header in tag.php, which is executed by all.php, and (2) the banned parameter in admin_index.php. | [email protected] | 7.5 | 0.71% | 2006-08-30 | 2026-04-16 |
| CVE-2005-2899 | Multiple cross-site scripting (XSS) vulnerabilities in details.php in CjTagBoard 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date, (2) time, (3) name, (4) ip, (5) agent, or (6) msg parameter. | [email protected] | 4.3 | 0.28% | 2005-09-14 | 2026-04-16 |