Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-14976
iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter.
Icmsdev Icms 7.0.15
6.8
CVSSv2
CVE-2018-16365
An issue exists in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF.
Idreamsoft Icms 7.0.10
NA
CVE-2023-42321
Cross Site Request Forgery (CSRF) vulnerability in icmsdev iCMSv.7.0.16 allows a remote malicious user to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files.
Icmsdev Icms 7.0.16
NA
CVE-2023-42322
Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote malicious user to obtain sensitive information.
Icmsdev Icms 7.0.16
NA
CVE-2023-40953
icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF).
Idreamsoft Icms 7.0.16
7.5
CVSSv2
CVE-2019-17552
An issue exists in idreamsoft iCMS v7.0.14. There is a spider_project.admincp.php SQL injection vulnerability in the 'upload spider project scheme' feature via a two-dimensional payload.
Idreamsoft Icms 7.0.14
5
CVSSv2
CVE-2019-17583
idreamsoft iCMS 7.0.15 allows remote malicious users to cause a denial of service (resource consumption) via a query for many comments, as demonstrated by the admincp.php?app=comment&perpage= substring followed by a large positive integer.
Idreamsoft Icms 7.0.15
6.8
CVSSv2
CVE-2018-16332
An issue exists in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
Idreamsoft Icms 7.0.9
6.8
CVSSv2
CVE-2018-16366
An issue exists in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF.
Idreamsoft Icms 7.0.10
7.5
CVSSv2
CVE-2019-6259
An issue exists in idreamsoft iCMS V7.0.13. There is SQL Injection via the app/article/article.admincp.php _data_id parameter.
Icmsdev Icms 7.0.13
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »