Lucene search
K

197 matches found

CNNVD
CNNVD
added 2023/12/13 12:0 a.m.5 views

IceCMS Authorization Issues Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation of NgShow individual developers. IceCMS 2.0.1 version of the authorization problem vulnerability , the vulnerability stems from the Article Handler component of the /article/DelectArticleById/ there...

5.5CVSS6.8AI score0.00695EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.4 views

IceCMS Access Control Error Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. An Access Control Error vulnerability exists in Thecosy IceCMS version 2.0.1, which stems from the presence of an unknown function in /adplanet/PlanetCommentList in...

5.3CVSS6.8AI score0.00738EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.5 views

IceCMS Information Disclosure Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation of NgShow individual developers. An information leakage vulnerability exists in IceCMS version 2.0.1, which originates from the presence of an unknown function in /adplanet/PlanetUser in the API...

6.5CVSS6.5AI score0.00983EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.4 views

PT-2023-32759 · Thecosy · Thecosy Icecms

Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS version 2.0.1 Description: A vulnerability was found in the Captcha Handler component of the /login file, leading to improper restriction of excessive authentication attempts. This issue can be exploited remotely...

9.8CVSS7.2AI score0.01288EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.5 views

IceCMS Security Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in IceCMS version 2.0.1, which stems from the presence of an unknown function in the login of the Captcha Handler component, which ca...

9.8CVSS6.8AI score0.01288EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.5 views

IceCMS Security Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in IceCMS version 2.0.1, which originates from the presence of an unknown part of /WebResource/resource in the Love Handler component...

7.5CVSS6.7AI score0.00969EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.5 views

IceCMS Access Control Error Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. An Access Control Error vulnerability exists in Thecosy IceCMS version 2.0.1, which stems from unknown processing in the User Data Handler component, resulting in...

8.8CVSS6.8AI score0.00791EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.6 views

PT-2023-32763 · Thecosy · Icecms

Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS versions up to 2.0.1 Description: A critical vulnerability was found in Thecosy IceCMS, allowing remote attackers to manage user sessions. The manipulation affects unknown code and can be initiated remotely. The exploit has bee...

6.5CVSS7.3AI score0.00641EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.4 views

PT-2023-32761 · Thecosy · Thecosy Icecms

Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS version 2.0.1 Description: A critical issue affects some unknown functionality of the file /adplanet/PlanetCommentList of the component API, leading to improper access controls. The attack may be launched remotely...

5.3CVSS5.6AI score0.00738EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.3 views

IceCMS Security Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in Thecosy IceCMS version 2.0.1, which stems from the presence of unknown code in the application that can be exploited by an attacke...

6.5CVSS6.9AI score0.00641EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.5 views

PT-2023-32762 · Thecosy · Thecosy Icecms

Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS version 2.0.1 Description: A vulnerability has been found in Thecosy IceCMS, affecting an unknown part of the file /WebResource/resource of the component Love Handler. The manipulation leads to improper enforcement of a single,...

7.5CVSS5.6AI score0.00969EPSS
Exploits1References8
CNVD
CNVD
added 2023/12/05 12:0 a.m.15 views

IceCMS Cross-Site Scripting Vulnerability (CNVD-2023-98191)

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . A cross-site scripting vulnerability exists in IceCMS version 2.0.1. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...

6.1CVSS5.1AI score0.00608EPSS
Exploits1References1
OSV
OSV
added 2023/12/02 2:15 p.m.8 views

CVE-2023-6467

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may...

3.7CVSS4.3AI score0.00618EPSS
Exploits1References3
NVD
NVD
added 2023/12/02 2:15 p.m.26 views

CVE-2023-6467

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may...

3.7CVSS0.00618EPSS
Exploits1References3
NVD
NVD
added 2023/12/02 2:15 p.m.30 views

CVE-2023-6466

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

6.1CVSS0.00608EPSS
Exploits1References3
Prion
Prion
added 2023/12/02 2:15 p.m.23 views

Design/Logic Flaw

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may...

2.1CVSS7.1AI score0.00618EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/12/02 2:15 p.m.17 views

Cross site scripting

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

4CVSS6.6AI score0.00608EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/12/02 2:0 p.m.44 views

CVE-2023-6467

The CVE-2023-6467 entry concerns Thecosy IceCMS 2.0.1. The vulnerability affects the Comment Like Handler component, specifically the processing of the file /Websquare/likeClickComment/. The root cause is improper enforcement of a single, unique action, which could be triggered remotely. Exploita...

3.7CVSS4AI score0.00618EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/12/02 1:31 p.m.33 views

CVE-2023-6466 Thecosy IceCMS User Comment planet cross site scripting

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

4CVSS6.3AI score0.00608EPSS
Exploits1References3
CVE
CVE
added 2023/12/02 1:31 p.m.39 views

CVE-2023-6466

The CVE-2023-6466 entry concerns Thecosy IceCMS 2.0.1. The vulnerability resides in the User Comment Handler component, affecting code in the /planet file, enabling cross-site scripting (XSS) via unfiltered user input. It is a remote, publicly disclosed issue affecting IceCMS. Observed impact per...

6.1CVSS4.9AI score0.00608EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder