Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
idreamsoft vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-39806
iCMS v7.0.16 exists to contain a SQL injection vulnerability via the bakupdata function.
Idreamsoft Icms 7.0.16
9.8
CVSSv3
CVE-2020-19142
iCMS 7 malicious users to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.
Idreamsoft Icms 7.0.0
9.8
CVSSv3
CVE-2022-41496
iCMS v7.0.16 exists to contain a Server-Side Request Forgery (SSRF) via the url parameter at admincp.php.
Idreamsoft Icms 7.0.16
7.2
CVSSv3
CVE-2018-16320
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.
Idreamsoft Icms 7.0.11
8.8
CVSSv3
CVE-2018-16332
An issue exists in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
Idreamsoft Icms 7.0.9
8.8
CVSSv3
CVE-2018-16365
An issue exists in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF.
Idreamsoft Icms 7.0.10
8.8
CVSSv3
CVE-2018-16366
An issue exists in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF.
Idreamsoft Icms 7.0.10
6.1
CVSSv3
CVE-2018-13865
An issue exists in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism.
Idreamsoft Icms 7.0.9
9.8
CVSSv3
CVE-2019-6259
An issue exists in idreamsoft iCMS V7.0.13. There is SQL Injection via the app/article/article.admincp.php _data_id parameter.
Icmsdev Icms 7.0.13
5.3
CVSSv3
CVE-2018-9922
An issue exists in idreamsoft iCMS up to and including 7.0.7. Physical path leakage exists via an invalid nickname field that reveals a core/library/weixin.class.php pathname.
Icmsdev Icms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »