Jnoj Jiangnan Online Judge — known CVE vulnerabilities
Every CVE whose affected-product data names Jnoj Jiangnan Online Judge, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2019-17490 — CVSS 8.8 (high): app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge (aka jnoj) 0.8.0 allows arbitrary file upload, as demonstrated…
CVE-2019-17537 — CVSS 7.5 (high): Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../…
CVE-2019-17538 — CVSS 7.5 (high): Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../…
CVE-2019-17489 — CVSS 6.1 (medium): Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[title] parameter to web/polygon/problem/create or web/polygon/problem/update…
CVE-2019-17491 — CVSS 6.1 (medium): Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[description] parameter to web/admin/problem/create or web/polygon/problem/upd…
CVE-2019-17493 — CVSS 6.1 (medium): Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[sample_input] parameter to web/admin/problem/create or…