Vulnerabilities (CVE)

Filtered by vendor Macwk Subscribe
Filtered by product Icecms
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-36100 1 Macwk 1 Icecms 2024-10-01 N/A 9.8 CRITICAL
An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameter in api/User/ChangeUser.
CVE-2023-42188 1 Macwk 1 Icecms 2024-02-28 N/A 6.5 MEDIUM
IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF).