Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-42322
Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote malicious user to obtain sensitive information.
Icmsdev Icms 7.0.16
7.2
CVSSv3
CVE-2018-16320
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.
Idreamsoft Icms 7.0.11
9.8
CVSSv3
CVE-2020-19527
iCMS 7.0.14 malicious users to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.
Idreamsoft Icms 7.0.14
6.1
CVSSv3
CVE-2019-14976
iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter.
Icmsdev Icms 7.0.15
8.8
CVSSv3
CVE-2018-16314
An issue exists in admincp.php in idreamsoft iCMS 7.0.11. When verifying CSRF_TOKEN, if CSRF_TOKEN does not exist, only the Referer header is validated, which can be bypassed via an admincp.php substring in this header.
Icmsdev Icms 7.0.11
8.8
CVSSv3
CVE-2018-16332
An issue exists in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
Idreamsoft Icms 7.0.9
8.8
CVSSv3
CVE-2018-16365
An issue exists in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF.
Idreamsoft Icms 7.0.10
8.8
CVSSv3
CVE-2018-16366
An issue exists in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF.
Idreamsoft Icms 7.0.10
9.8
CVSSv3
CVE-2020-19142
iCMS 7 malicious users to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.
Idreamsoft Icms 7.0.0
NA
CVE-2005-4219
setting.php in Innovative CMS (ICMS, formerly Imoel-CMS) contains username and password information in cleartext, which might allow malicious users to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that...
Innovative Cms Innovative Cms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5