汇总 jnmsolutions 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
已披露问题常与 跨站脚本与路径处理缺陷 相关,可能在 软件部署与生产负载 场景中带来 文件覆盖与会话劫持 等暴露风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2009-2440 | Cross-site scripting (XSS) vulnerability in index.php in JNM Guestbook 3.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | [email protected] | 4.3 | 1.00% | 2009-07-13 | 2026-04-23 |
| CVE-2009-2111 | Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 allows remote attackers to inject arbitrary PHP code via a crafted (1) url and (2) location parameter. | [email protected] | 10.0 | 4.62% | 2009-06-18 | 2026-04-23 |
| CVE-2009-2110 | Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the u parameter to (1) full.php, (2) index.php, and (3) contact.php. | [email protected] | 7.6 | 4.27% | 2009-06-18 | 2026-04-23 |