Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
idreamsoft icms vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-11426
An XSS issue exists in app/admincp/template/admincp.header.php in idreamsoft iCMS 7.0.14 via the admincp.php?app=config tab parameter.
Idreamsoft Icms 7.0.14
383
VMScore
CVE-2019-11427
An XSS issue exists in app/search/search.app.php in idreamsoft iCMS 7.0.14 via the public/api.php?app=search q parameter.
Idreamsoft Icms 7.0.14
605
VMScore
CVE-2020-26641
A Cross Site Request Forgery (CSRF) vulnerability exists in iCMS 7.0.16 which can allow an malicious user to execute arbitrary web scripts.
Idreamsoft Icms 7.0.16
570
VMScore
CVE-2020-18070
Path Traversal in iCMS v7.0.13 allows remote malicious users to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.admincp.php".
Idreamsoft Icms 7.0.13
NA
CVE-2022-41496
iCMS v7.0.16 exists to contain a Server-Side Request Forgery (SSRF) via the url parameter at admincp.php.
Idreamsoft Icms 7.0.16
605
VMScore
CVE-2020-21141
iCMS v7.0.15 exists to contain a Cross-Site Request Forgery (CSRF) via /admincp.php?app=members&do=add.
Idreamsoft Icms 7.0.15
890
VMScore
CVE-2020-19142
iCMS 7 malicious users to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.
Idreamsoft Icms 7.0.0
890
VMScore
CVE-2020-19527
iCMS 7.0.14 malicious users to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.
Idreamsoft Icms 7.0.14
445
VMScore
CVE-2018-9922
An issue exists in idreamsoft iCMS up to and including 7.0.7. Physical path leakage exists via an invalid nickname field that reveals a core/library/weixin.class.php pathname.
Icmsdev Icms
312
VMScore
CVE-2018-9925
An issue exists in idreamsoft iCMS up to and including 7.0.7. XSS exists via the nickname field in an admincp.php?app=user&do=save&frame=iPHP request.
Icmsdev Icms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »