Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-14976 | 1 Icmsdev | 1 Icms | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter. | |||||
| CVE-2018-14415 | 1 Icmsdev | 1 Icms | 2018-09-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in idreamsoft iCMS before 7.0.10. XSS exists via the fourth and fifth input elements on the admincp.php?app=prop&do=add screen. | |||||
| CVE-2018-10250 | 1 Icmsdev | 1 Icms | 2018-05-21 | 3.5 LOW | 5.4 MEDIUM |
| iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixin_category action, aka a WeChat Classified Management keyword search. | |||||
| CVE-2018-9925 | 1 Icmsdev | 1 Icms | 2018-04-17 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in idreamsoft iCMS through 7.0.7. XSS exists via the nickname field in an admincp.php?app=user&do=save&frame=iPHP request. | |||||
| CVE-2018-9922 | 1 Icmsdev | 1 Icms | 2018-04-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in idreamsoft iCMS through 7.0.7. Physical path leakage exists via an invalid nickname field that reveals a core/library/weixin.class.php pathname. | |||||