Lucene search
K

197 matches found

NVD
NVD
added 2025/01/14 4:15 p.m.13 views

CVE-2025-22983

An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...

7.5CVSS0.00482EPSS
Exploits1References1
NVD
NVD
added 2025/01/14 4:15 p.m.18 views

CVE-2025-22984

An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...

7.5CVSS0.00482EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.3 views

IceCMS 安全漏洞

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in IceCMS version v2.2.0, which originates from improper access control in component/api/squareComment/DelectSquareById. An attacker...

7.5CVSS6.4AI score0.00482EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/14 12:0 a.m.8 views

CVE-2025-22984

An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...

7.6AI score0.00482EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

IceCMS 安全漏洞

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in IceCMS version v2.2.0, which originates from improper access control in component /square/getAllSquare/circle. An attacker...

7.5CVSS6.6AI score0.00482EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.5 views

PT-2025-4758 · Icecms · Icecms

Name of the Vulnerable Software and Affected Versions: iceCMS version 2.2.0 Description: An access control issue in the component "/api/squareComment/DelectSquareById" allows unauthenticated attackers to access sensitive information. Recommendations: For iceCMS version 2.2.0, consider disabling...

7.5CVSS6.6AI score0.00482EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.4 views

PT-2025-4757 · Icecms · Icecms

Name of the Vulnerable Software and Affected Versions: iceCMS version 2.2.0 Description: An access control issue in the component "/square/getAllSquare/circle" allows unauthenticated attackers to access sensitive information. Recommendations: For iceCMS version 2.2.0, consider restricting access ...

7.5CVSS6.7AI score0.00482EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/01/14 12:0 a.m.12 views

CVE-2025-22983

An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...

0.00482EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/14 12:0 a.m.18 views

CVE-2025-22984

An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...

0.00482EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/14 12:0 a.m.7 views

CVE-2025-22983

An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information...

7.6AI score0.00482EPSS
Exploits1References1
CVE
CVE
added 2025/01/14 12:0 a.m.83 views

CVE-2025-22984

CVE-2025-22984 refers to an access-control vulnerability in iceCMS v2.2.0, where the endpoint /api/squareComment/DelectSquareById can be accessed by unauthenticated users to retrieve sensitive information. The publicly available descriptions consistently identify an improper access-control mechan...

7.5CVSS6.6AI score0.00482EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/01/14 12:0 a.m.54 views

CVE-2025-22983

CVE-2025-22983 affects iceCMS v2.2.0. Affected component: /square/getAllSquare/circle, where improper access control allows unauthenticated attackers to access sensitive information. Root cause is an access-control issue; impact is information disclosure. Exploitation details are not provided in ...

7.5CVSS6.6AI score0.00482EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2024/11/01 12:0 a.m.7 views

IceCMS File Upload Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . A file upload vulnerability exists in IceCMS 3.4.7 and earlier versions, which stems from the lack of validation of uploaded files in the uploadFile method of FileUtils.java. An attacker can use...

9.8CVSS7.3AI score0.00621EPSS
Exploits1References1
NVD
NVD
added 2024/10/30 7:15 p.m.15 views

CVE-2024-48202

icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...

9.8CVSS0.00621EPSS
Exploits1References1
OSV
OSV
added 2024/10/30 7:15 p.m.2 views

CVE-2024-48202

icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...

9.8CVSS5.8AI score0.00621EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/30 12:0 a.m.11 views

CVE-2024-48202

icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...

6.9AI score0.00621EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/10/30 12:0 a.m.2 views

IceCMS 安全漏洞

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . A file upload vulnerability exists in IceCMS 3.4.7 and earlier versions, which stems from the lack of validation of uploaded files in the uploadFile method of FileUtils.java. An attacker can use...

9.8CVSS7.4AI score0.00621EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/30 12:0 a.m.11 views

CVE-2024-48202

icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...

0.00621EPSS
Exploits1References1
CVE
CVE
added 2024/10/30 12:0 a.m.72 views

CVE-2024-48202

IceCMS

9.8CVSS7AI score0.00621EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/30 12:0 a.m.6 views

PT-2024-33023 · Icecms · Icecms

Name of the Vulnerable Software and Affected Versions: icecms versions 3.4.7 and earlier Description: The issue is related to a File Upload vulnerability. It affects the uploadFile function in FileUtils.java. Recommendations: For versions 3.4.7 and earlier, update to a version later than 3.4.7 to...

9.8CVSS7.2AI score0.00621EPSS
Exploits1References4
Rows per page
Query Builder