Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
idreamsoft icms vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-44977
In iCMS <=8.0.0, a directory traversal vulnerability allows an malicious user to read arbitrary files.
Idreamsoft Icms
4.9
CVSSv2
CVE-2019-8902
An issue exists in idreamsoft iCMS up to and including 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI.
Idreamsoft Icms
7.5
CVSSv2
CVE-2021-44978
iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability which causes remote code execution.
Idreamsoft Icms
6.8
CVSSv2
CVE-2020-21141
iCMS v7.0.15 exists to contain a Cross-Site Request Forgery (CSRF) via /admincp.php?app=members&do=add.
Idreamsoft Icms 7.0.15
6.4
CVSSv2
CVE-2020-18070
Path Traversal in iCMS v7.0.13 allows remote malicious users to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php".
Idreamsoft Icms 7.0.13
6.4
CVSSv2
CVE-2019-7234
An issue exists in idreamsoft iCMS 7.0.13. admincp.php?app=apps&do=save allows directory traversal via _app=/../ to begin the process of creating a ZIP archive file with the complete contents of any directory because of an apps.admincp.php error. This ZIP archive file can the...
Idreamsoft Icms 7.0.13
4.3
CVSSv2
CVE-2020-24739
A CSRF vulnerability was found in iCMS v7.0.0 in the background deletion administrator account. When missing the CSRF_TOKEN and can still request normally, all administrators except the initial administrator will be deleted.
Idreamsoft Icms 7.0.0
6.8
CVSSv2
CVE-2020-26641
A Cross Site Request Forgery (CSRF) vulnerability exists in iCMS 7.0.16 which can allow an malicious user to execute arbitrary web scripts.
Idreamsoft Icms 7.0.16
7.5
CVSSv2
CVE-2019-17552
An issue exists in idreamsoft iCMS v7.0.14. There is a spider_project.admincp.php SQL injection vulnerability in the 'upload spider project scheme' feature via a two-dimensional payload.
Idreamsoft Icms 7.0.14
6.8
CVSSv2
CVE-2018-16365
An issue exists in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF.
Idreamsoft Icms 7.0.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »