Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
idreamsoft vulnerabilities and exploits
(subscribe to this query)
5.7
CVSSv3
CVE-2019-8902
An issue exists in idreamsoft iCMS up to and including 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI.
Idreamsoft Icms
7.5
CVSSv3
CVE-2021-44977
In iCMS <=8.0.0, a directory traversal vulnerability allows an malicious user to read arbitrary files.
Idreamsoft Icms
9.8
CVSSv3
CVE-2021-44978
iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability which causes remote code execution.
Idreamsoft Icms
6.1
CVSSv3
CVE-2019-11426
An XSS issue exists in app/admincp/template/admincp.header.php in idreamsoft iCMS 7.0.14 via the admincp.php?app=config tab parameter.
Idreamsoft Icms 7.0.14
6.1
CVSSv3
CVE-2019-11427
An XSS issue exists in app/search/search.app.php in idreamsoft iCMS 7.0.14 via the public/api.php?app=search q parameter.
Idreamsoft Icms 7.0.14
8.8
CVSSv3
CVE-2023-40953
icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF).
Idreamsoft Icms 7.0.16
7.2
CVSSv3
CVE-2018-16320
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.
Idreamsoft Icms 7.0.11
8.8
CVSSv3
CVE-2018-16332
An issue exists in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
Idreamsoft Icms 7.0.9
9.8
CVSSv3
CVE-2022-41496
iCMS v7.0.16 exists to contain a Server-Side Request Forgery (SSRF) via the url parameter at admincp.php.
Idreamsoft Icms 7.0.16
9.8
CVSSv3
CVE-2020-19527
iCMS 7.0.14 malicious users to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.
Idreamsoft Icms 7.0.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »