Filtered by vendor Aditus
Subscriptions
Filtered by product Jpgraph
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-39165 | 1 Aditus | 1 Jpgraph | 2024-12-04 | 9.8 Critical |
QR/demoapp/qr_image.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers to execute arbitrary code via a PHP payload in the data parameter in conjunction with a .php file name in the filename parameter. This occurs because an unnecessary QR/demoapp folder.is shipped with the product. | ||||
CVE-2009-4422 | 1 Aditus | 1 Jpgraph | 2024-11-21 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors. |
Page 1 of 1.