Filtered by vendor Idreamsoft
Subscribe
Search
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44977 | 1 Idreamsoft | 1 Icms | 2022-02-08 | 5.0 MEDIUM | 7.5 HIGH |
| In iCMS <=8.0.0, a directory traversal vulnerability allows an attacker to read arbitrary files. | |||||
| CVE-2020-21141 | 1 Idreamsoft | 1 Icms | 2021-11-16 | 6.8 MEDIUM | 8.8 HIGH |
| iCMS v7.0.15 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admincp.php?app=members&do=add. | |||||
| CVE-2020-26641 | 1 Idreamsoft | 1 Icms | 2021-06-03 | 6.8 MEDIUM | 8.8 HIGH |
| A Cross Site Request Forgery (CSRF) vulnerability was discovered in iCMS 7.0.16 which can allow an attacker to execute arbitrary web scripts. | |||||
| CVE-2019-17583 | 1 Idreamsoft | 1 Icms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| idreamsoft iCMS 7.0.15 allows remote attackers to cause a denial of service (resource consumption) via a query for many comments, as demonstrated by the admincp.php?app=comment&perpage= substring followed by a large positive integer. | |||||
| CVE-2018-16365 | 1 Idreamsoft | 1 Icms | 2019-04-16 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF. | |||||
| CVE-2018-16366 | 1 Idreamsoft | 1 Icms | 2019-04-16 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF. | |||||
| CVE-2019-7235 | 1 Idreamsoft | 1 Icms | 2019-02-01 | 6.4 MEDIUM | 7.5 HIGH |
| An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to designate an arbitrary directory because of an apps.admincp.php error. This directory can then be deleted via an admincp.php?app=apps&do=uninstall request. | |||||
| CVE-2019-7237 | 2 Idreamsoft, Microsoft | 2 Icms, Windows | 2019-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. editor/editor.admincp.php allows admincp.php?app=files&do=browse ..\ Directory Traversal. | |||||
| CVE-2019-7236 | 1 Idreamsoft | 1 Icms | 2019-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admincp.php allows admincp.php?app=editor&do=fileManager dir=../ Directory Traversal. | |||||
| CVE-2018-16320 | 1 Idreamsoft | 1 Icms | 2018-11-02 | 6.5 MEDIUM | 7.2 HIGH |
| idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file. | |||||
| CVE-2018-16332 | 1 Idreamsoft | 1 Icms | 2018-10-24 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability. | |||||