197 matches found
IceCMS Authorization Issues Vulnerability
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation of NgShow individual developers. IceCMS 2.0.1 version of the authorization problem vulnerability , the vulnerability stems from the Article Handler component of the /article/DelectArticleById/ there...
IceCMS Access Control Error Vulnerability
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. An Access Control Error vulnerability exists in Thecosy IceCMS version 2.0.1, which stems from the presence of an unknown function in /adplanet/PlanetCommentList in...
IceCMS Information Disclosure Vulnerability
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation of NgShow individual developers. An information leakage vulnerability exists in IceCMS version 2.0.1, which originates from the presence of an unknown function in /adplanet/PlanetUser in the API...
PT-2023-32759 · Thecosy · Thecosy Icecms
Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS version 2.0.1 Description: A vulnerability was found in the Captcha Handler component of the /login file, leading to improper restriction of excessive authentication attempts. This issue can be exploited remotely...
IceCMS Security Vulnerability
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in IceCMS version 2.0.1, which stems from the presence of an unknown function in the login of the Captcha Handler component, which ca...
IceCMS Security Vulnerability
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in IceCMS version 2.0.1, which originates from the presence of an unknown part of /WebResource/resource in the Love Handler component...
IceCMS Access Control Error Vulnerability
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. An Access Control Error vulnerability exists in Thecosy IceCMS version 2.0.1, which stems from unknown processing in the User Data Handler component, resulting in...
PT-2023-32763 · Thecosy · Icecms
Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS versions up to 2.0.1 Description: A critical vulnerability was found in Thecosy IceCMS, allowing remote attackers to manage user sessions. The manipulation affects unknown code and can be initiated remotely. The exploit has bee...
PT-2023-32761 · Thecosy · Thecosy Icecms
Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS version 2.0.1 Description: A critical issue affects some unknown functionality of the file /adplanet/PlanetCommentList of the component API, leading to improper access controls. The attack may be launched remotely...
IceCMS Security Vulnerability
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in Thecosy IceCMS version 2.0.1, which stems from the presence of unknown code in the application that can be exploited by an attacke...
PT-2023-32762 · Thecosy · Thecosy Icecms
Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS version 2.0.1 Description: A vulnerability has been found in Thecosy IceCMS, affecting an unknown part of the file /WebResource/resource of the component Love Handler. The manipulation leads to improper enforcement of a single,...
IceCMS Cross-Site Scripting Vulnerability (CNVD-2023-98191)
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . A cross-site scripting vulnerability exists in IceCMS version 2.0.1. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be...
CVE-2023-6467
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may...
CVE-2023-6467
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may...
CVE-2023-6466
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...
Design/Logic Flaw
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may...
Cross site scripting
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...
CVE-2023-6467
The CVE-2023-6467 entry concerns Thecosy IceCMS 2.0.1. The vulnerability affects the Comment Like Handler component, specifically the processing of the file /Websquare/likeClickComment/. The root cause is improper enforcement of a single, unique action, which could be triggered remotely. Exploita...
CVE-2023-6466 Thecosy IceCMS User Comment planet cross site scripting
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...
CVE-2023-6466
The CVE-2023-6466 entry concerns Thecosy IceCMS 2.0.1. The vulnerability resides in the User Comment Handler component, affecting code in the /planet file, enabling cross-site scripting (XSS) via unfiltered user input. It is a remote, publicly disclosed issue affecting IceCMS. Observed impact per...