Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icmsdev icms 7.0.7 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2018-10117
An issue exists in idreamsoft iCMS V7.0.7. There is a CSRF vulnerability that can add an admin account via admincp.php?app=members&do=save&frame=iPHP.
Icmsdev Icms 7.0.7
312
VMScore
CVE-2018-9925
An issue exists in idreamsoft iCMS up to and including 7.0.7. XSS exists via the nickname field in an admincp.php?app=user&do=save&frame=iPHP request.
Icmsdev Icms
445
VMScore
CVE-2018-9922
An issue exists in idreamsoft iCMS up to and including 7.0.7. Physical path leakage exists via an invalid nickname field that reveals a core/library/weixin.class.php pathname.
Icmsdev Icms
668
VMScore
CVE-2018-9924
An issue exists in idreamsoft iCMS up to and including 7.0.7. SQL injection exists via the pid array parameter in an admincp.php?app=tag&do=save&frame=iPHP request.
Icmsdev Icms
605
VMScore
CVE-2018-9923
An issue exists in idreamsoft iCMS up to and including 7.0.7. CSRF exists in admincp.php, as demonstrated by adding an article via an app=article&do=save&frame=iPHP request.
Icmsdev Icms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started