Lucene search

Dreamer Cms Security Vulnerabilities

cve

CVE-2023-50017

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

7.9AI Score

0.001EPSS

2023-12-14 07:15 PM

cve

CVE-2023-49484

Dreamer CMS v4.1.3 was discovered to contain a cross-site scripting (XSS) vulnerability in the article management...

5.4CVSS

6.4AI Score

0.0004EPSS

2023-12-08 03:15 PM

cve

CVE-2023-48912

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

7.9AI Score

0.001EPSS

2023-11-30 02:15 PM

cve

CVE-2023-48913

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

7.9AI Score

0.001EPSS

2023-11-30 02:15 PM

cve

CVE-2023-48914

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

7.9AI Score

0.001EPSS

2023-11-30 02:15 PM

cve

CVE-2023-46886

Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template management allows arbitrary modification of the template file, allowing system sensitive files to be...

9.1CVSS

7.3AI Score

0.001EPSS

2023-11-29 05:15 AM

cve

CVE-2023-46887

In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File Download...

7.5CVSS

7.4AI Score

0.001EPSS

2023-11-29 05:15 AM

cve

CVE-2023-48017

Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery (CSRF) via Add permissions to CSRF in Permission...

8.8CVSS

7.5AI Score

0.001EPSS

2023-11-18 02:15 AM

cve

CVE-2023-48021

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...

8.8CVSS

8AI Score

0.001EPSS

2023-11-14 03:15 PM

cve

CVE-2023-48020

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...

8.8CVSS

8AI Score

0.001EPSS

2023-11-14 03:15 PM

cve

CVE-2023-48058

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

8AI Score

0.001EPSS

2023-11-13 04:15 PM

cve

CVE-2023-48060

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

8AI Score

0.001EPSS

2023-11-13 04:15 PM

cve

CVE-2023-48063

An issue was discovered in dreamer_cms 4.1.3. There is a CSRF vulnerability that can delete a theme project via...

4.3CVSS

7.4AI Score

0.0005EPSS

2023-11-13 04:15 PM

cve

CVE-2023-45901

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

8AI Score

0.001EPSS

2023-10-17 02:15 PM

cve

CVE-2023-45907

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

8AI Score

0.001EPSS

2023-10-17 02:15 PM

cve

CVE-2023-45903

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

8AI Score

0.001EPSS

2023-10-17 02:15 PM

cve

CVE-2023-45904

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

8AI Score

0.001EPSS

2023-10-17 02:15 PM

cve

CVE-2023-45905

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

8AI Score

0.001EPSS

2023-10-17 02:15 PM

cve

CVE-2023-45902

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

8AI Score

0.001EPSS

2023-10-17 02:15 PM

cve

CVE-2023-45906

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...

8.8CVSS

8AI Score

0.001EPSS

2023-10-17 02:15 PM

cve

CVE-2023-43857

Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component...

5.4CVSS

5.3AI Score

0.0004EPSS

2023-09-27 03:19 PM

cve

CVE-2023-43856

Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component...

7.5CVSS

7.3AI Score

0.001EPSS

2023-09-27 03:19 PM

cve

CVE-2023-43382

Directory Traversal vulnerability in itechyou dreamer CMS v.4.1.3 allows a remote attacker to execute arbitrary code via the themePath in the uploaded template...

8.8CVSS

7.7AI Score

0.001EPSS

2023-09-25 04:15 PM

cve

CVE-2023-42279

Dreamer CMS v4.1.3 was discovered to contain a SQL injection vulnerability via the model-form-management-field...

9.8CVSS

9.8AI Score

0.001EPSS

2023-09-21 06:15 PM

cve

CVE-2023-2473

A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be...

7.5CVSS

7.5AI Score

0.001EPSS

2023-05-02 01:15 PM

cve

CVE-2023-29774

Dreamer CMS 3.0.1 is vulnerable to stored Cross Site Scripting...

5.4CVSS

5.4AI Score

0.0005EPSS

2023-04-18 03:15 PM

cve

CVE-2023-1746

A vulnerability, which was classified as problematic, was found in Dreamer CMS up to 3.5.0. Affected is an unknown function of the component File Upload Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-224634 is the identifier assigned to...

5.4CVSS

5.3AI Score

0.001EPSS

2023-03-30 11:15 PM

cve

CVE-2023-27084

Permissions vulnerability found in isoftforce Dreamer CMS v.4.0.1 allows local attackers to obtain sensitive information via the AttachmentController...

5.3CVSS

5AI Score

0.0004EPSS

2023-03-16 02:15 AM

cve

CVE-2022-42245

Dreamer CMS 4.0.01 is vulnerable to SQL...

9.8CVSS

9.5AI Score

0.002EPSS

2022-11-17 04:15 AM

cve

CVE-2021-43084

An SQL Injection vulnerability exists in Dreamer CMS 4.0.0 via the tableName...

9.8CVSS

9.8AI Score

0.002EPSS

2022-03-24 06:15 PM