Total
28 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-16677 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 5.8 MEDIUM | 6.5 MEDIUM |
An issue was discovered in idreamsoft iCMS V7.0. admincp.php?app=members&do=del allows CSRF. | |||||
CVE-2019-11427 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
An XSS issue was discovered in app/search/search.app.php in idreamsoft iCMS 7.0.14 via the public/api.php?app=search q parameter. | |||||
CVE-2019-11426 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
An XSS issue was discovered in app/admincp/template/admincp.header.php in idreamsoft iCMS 7.0.14 via the admincp.php?app=config tab parameter. | |||||
CVE-2018-16366 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF. | |||||
CVE-2018-16365 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF. | |||||
CVE-2018-16332 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability. | |||||
CVE-2018-16320 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file. | |||||
CVE-2018-13865 | 1 Idreamsoft | 1 Icms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism. |