Jupiter CMS Multiple Scripts Multiple Input Validation Vulnerabilities

Jupiter CMS Multiple Scripts Multiple Input Validation Vulnerabilities

Jupiter CMS is prone to multiple input-validation vulnerabilities, including SQL-injection, HTML-injection, arbitrary file-upload issues, and remote/local file-include vulnerabilities, because the application fails to sanitize user-supplied input.

A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, exploit vulnerabilities in the underlying database implementation, and execute arbitrary code within the webserver process. Other attacks are also possible.

Version 1.1.5 is vulnerable; other versions may also be affected.